Malware Attacks Target Linux-based Operating Systems

Trend Micro has found that Linux operating systems are being targeted, with nearly 13 million malware detections in the first half of 2021. This is happening as organisations increase their digital footprint in the cloud, which in turn widens the Linux threat landscape. That is especially important as, according to Trend Micro, 90% of public cloud workloads run on Linux.

These findings are in Trend Micro's latest Linux Threat Report, which investigates the top malware families affecting Linux servers during the first half of 2021.

Key points include:

  • Top malware families include: Coinminers (25%), Web shells (20%) and Ransomware (12%). The most prevalent detected was the modern ransomware family DoppelPaymer. Other notable ransomware families seen targeting Linux systems are RansomExx, DarkRadiation and DarkSide.
  • Attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities, with most detections arising from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 to 7.9.
  • CentOS Linux (50.8%) and CloudLinux Server (31.24%) are the Linux distributions on which these threat types were most often found, while web application attacks are the most common attack vector.

Linux allows organisations to make the most of their cloud-based environments and power their digital transformation strategies. Many modern IoT devices, cloud-based applications and technology run on some variation of Linux, making it a critical area of technology to secure.

“In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority,” commented John Breen, Global Head of Cybersecurity at the industrial control systems company Flowserve.

“It’s safe to say that Linux is here to stay, and as organisations continue to move to Linux-based cloud workloads, malicious actors will follow... We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on,” said Aaron Ansari, vice president of cloud security for Trend Micro.

The report reveals that most detections arose from systems running end-of-life versions of Linux distributions. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months.

This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.
