Malware Attacks Target Linux-based Operating Systems

Trend Micro has found that Linux operating systems are being targeted, with nearly 13 million malware detections in the first half of 2021. This is happening as organisations increase their digital footprint in the cloud, which widens the Linux threat landscape. That is especially important as, according to Trend Micro, 90% of public cloud workloads run on Linux.

These findings are in Trend Micro's latest Linux Threat Report, which investigates the top malware families affecting Linux servers during the first half of 2021.

Key points include:

  • Top malware families include: Coinminers (25%), Web shells (20%) and Ransomware (12%). The most prevalent detected was the modern ransomware family DoppelPaymer. Other notable ransomware families seen targeting Linux systems are RansomExx, DarkRadiation and DarkSide.
  • Attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities, with most detections arising from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 to 7.9.
  • CentOS Linux (50.8%) and CloudLinux Server (31.24%) are the Linux distributions on which these threat types were most often found, while web application attacks are the most common attack vector.

Linux allows organisations to make the most of their cloud-based environments and power their digital transformation strategies. Many modern IoT devices, cloud-based applications and technologies run on some variation of Linux, making it a critical area of technology to secure. “In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority,” commented John Breen, Global Head of Cybersecurity at the industrial control systems company Flowserve.

“It’s safe to say that Linux is here to stay, and as organisations continue to move to Linux-based cloud workloads, malicious actors will follow... We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on,” said Aaron Ansari, vice president of cloud security for Trend Micro.

The report reveals that most detections arose from systems running end-of-life versions of Linux distributions. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months.

This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.

Source: Trend Micro
