Hate to be a party pooper but there is ransomware targeting Linux. Don't buy into the falsehood that Linux is unhackable.
The Week in Ransomware - June 10th 2022 - Targeting Linux (bleepingcomputer.com)
Anatomy of a Linux Ransomware Attack | LinuxSecurity.com
I can also state that despite having every MS Windows security measure switched on, like Ransomware protection, now I keep a copy of my backups on my main desktop and offline, and the hackers trolling me have weaponised those backups. So when I have finished developing a template or some app, that's it, don't do any more work on it, until I start using it in anger, but as this can be a few months later as other stuff needs developing in between, months later when using those templates in anger, I find parts of the template have been restored to an earlier buggy version! It's annoying as &%^*!!! Not only does this demonstrate they have a level of oversight over my work, suggesting it's not some automated blunt attack program, but I still can't find how they are communicating or getting the data from an offline computer.
Now my monitors do have presence detection a bit like this PowerSensor Monitor | Philips so my monitors know when I am in front of them or not, their range is probably a good 30 feet distance at 45 degrees from the monitor so anyone that had an early TV and wireless remote control will know you can transmit data using IR TV remotes, so this might be one of the ways they can cross the airgap. Early laptops also used to have an IR transmitter usually on the side of the laptop as did many Windows CE phones when we had proper tiny keyboards on the phones, and unlike laptop monitors I can't break these monitors apart easily to remove or disconnect the sensors. I've also disconnected all Bluetooth and Wi-Fi adaptors from my desktop to remove that airgap risk, use shielded cables as these can also act as antennas, but the Intel Management Engine is still a risk, and getting at the Intel microcode or other chips which are not fused permanently are also valid attack vectors for hackers and there's plenty of them to look at. This website is a gold mine for hacks, but some do need a physical presence Sprites mods - Hard disk hacking - Intro
I did find out a few years ago that the UK happens to run a stealth secondary ADSL stream to people's houses for streaming videos from content providers. So think of ADSL as a load of radio stations all transmitting down a copper wire at the same time on their frequency. Your router is like a radio that can tune in to all the radio stations at the same time and reassemble the data transmitted over the different frequencies. When I was using an off the shelf router, and was poking around inside an ISP supplied router, that's when I discovered the second ADSL connection which is used for streaming content.
Now this has also tweaked my interest, because I now wonder if I can turn a router into a multi frequency radio scanner for over the air devices, with maybe some SDR components. A project for another time at the moment, but I do wonder what else we can do with these routers.
Anyway TLDR, Linux can be ransomwared and backups can be weaponised, so at least minimising the time a backup device spends connected to a computer could be useful, but I'm also aware any ransomware is going to be much smaller in size than a backup and could potentially have the ability to store itself on backups as a sleeper bit of code waiting for some future date and condition to be reactivated.
I think all you can do is hope you can restore backups, but also clean down and reinstall any machine as quickly as possible which means logging all those little changes made to devices and software to get it just the way we want.