Ransomware has dominated cybersecurity news headlines for the past decade, and for good reason. Through a combination of advanced encryption and effective extortion mechanisms, a ransomware attack can have devastating consequences for any victim including data loss, reputation harm, recovery costs and significant downtime. While 85% of ransomware attacks target Windows systems, Linux is becoming an increasingly popular target due to the high value of the devices it powers – namely, servers that administer enterprise and government networks, web services and massive databases owned by organizations that can afford to pay to have operations and critical data restored after an attack. Although ransomware variants that target Linux devices are still in the minority, Linux ransomware has proven to be diverse and sophisticated in its distribution techniques and extortion methods. In this article, we’ll examine the anatomy of a Linux ransomware attack, explore the magnitude of the ransomware risk Linux users face compared to Windows users and offer some tips and advice for protecting against Linux ransomware.