Google is now paying developers more money to work on securing their Linux kernels this year. The gesture may well be the start of the company’s bid to enforce a tighter grip on open source.
Google’s action comes on the heels of rising threats to Linux that unfolded in the last year, as hackers pivot to new strategies like writing malware strains in the Go programming language.
The spread rate of malware is staggering. Infected code incidents made a 500 percent spike in the last year. That represents a 2,000 percent increase since 2017, according to Google.
This spike is no doubt because Go allows hackers to be versatile and target Windows, Mac, and Linux from the same codebase. Adding to this, 2020 alone saw a 40 percent increase in Linux-related malware families.
We can speculate all we want on the number of factors driving this shift, such as accelerated cloud adoption. But there is no denying the existence of a significant marketplace gap.
Capsule8 is a firm that specializes in securing Linux-based production environments. It’s chief scientist and founder Brandon Edwards does not expect this trend in Linux vulnerabilities to die down.
“I know that they have been dedicated towards Linux kernel security at the developer level. And, you know that can obviously be a challenging effort because getting review and approval for code to go into the kernel always brings on a fight it seems,” Edwards told LinuxInsider.