You are assuming the Cryptolocker variant attacking a Linux system was not crafted specifically to be native on a Linux kernal. Cryptolocker malware targeting the Linux kernal would of course be crafted to operate in the Linux environment. Malware access to Linux might be gained with an as yet undefended privilege escalation to root vulnerability for one hypothetical example. Once the malware has gained root access, the malware can introduce the rest of the software needed to implement a Cryptolocker function or other ransomware. Fortunately, it is normally substantially more difficult to compromise the security of a Linux system.
Indeed I am. Despite Linux taking over more and more desktops as time goes by, the fact of the matter is that most people just settle for the 'default' OS and never bother to look beyond that and see what else might be possible. So, with very few exceptions the majority of malware is designed to exploit a 'doze system, and if that also happens to work through a java, javascript, flash file, or a ".net" extension which is also runnable in a Linux environment, well then all the better for the exploiter. That does not mean it has been deliberately crafted to run on Linux, however.
Cryptolocker malware targeting the Linux kernal would of course be crafted to operate in the Linux environment.
True, but realistically how many coders would deliberately concoct a Linux-only piece of software when Linux is so inherently difficult to crack? The 'doze cracks are much easier and affect more systems for the effort.
Malware access to Linux might be gained with an as yet undefended privilege escalation to root vulnerability for one hypothetical example.
I suppose that is possible, but then again, how often do you think a general user with no admin priveleges is going to gain access to the root account and system files? Not only is it incredibly difficult to accomplish, there is an entire world of Linux coders that would quickly track down the vulnerability and publicly issue a patch that would very quickly be added to the Critical security repos along with a public notification in all available media concerning it. After all, the 'nix coders are the ones who historically have discovered faults to begin with, along with developing fixes for them which MS has been quite reluctant or in some cases outright ignoring the problems discovered or pointing to the patches. If it was that simple then simple users would have been passing along patches to hack into admin privileges and system files long ago.