Malware Attacks Target Linux-based Operating Systems

Trend Micro has found Linux operating systems are being targeted, with nearly 13 million malware detections in the first half of 2021. This is happening as organisations increase their digital footprint in the cloud and increase the Linux threat landscape. That is especially important as, according to Trend Micro, 90% of public clouds workloads run on Linux. 

Theses findings are in the Trend Micro's latest Linux Threat Report which investigates the top malware families affecting Linux servers during the first half of 2021.

Key Points include:-

  • Top malware families include: Coinminers (25%), Web shells (20%) and Ransomware (12%). The most prevalent detected was the modern ransomware family, DoppelPaymer. Other notable ransomware families seen targeting Linux systems as well are RansomExx, DarkRadiation, and the DarkSide.
  • Attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities, with most detections arose from systems running end-of-life versions of Linux distributions including 44% from CentOS versions 7.4 to 7.9.
  • CentoS Linux (50.8%) and CloudLinux Server (31.24%) are the top Linux distributions with the found threat types, while web application attacks happen to be the most common attack vector.

Linux allows organisations to make the most of their cloud-based environments and power their digital transformation strategies and many modern IoT devices, cloud-based applications and technology run on some variation of Linux, making it a critical area of technology to secure. “In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority,” commented John Breen, Global Head of Cybersecurity at the industrial control systems company Flowserve

“It’s safe to say that Linux is here to stay, and as organisations continue to move to Linux-based cloud workloads, malicious actors will follow... We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on.”said Aaron Ansari, vice president of cloud security for Trend Micro. 

The report reveals that most detections arose from systems running end-of-life versions of Linux distributions. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months.

This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.

Trend Mirco:

You Might Also Read:

Detecting & Mitigating Cyber Attacks:

 

« AWS Marketplace presents: How to integrate security into the DevOps pipeline
The Cyber Security Market Is Booming »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Contrast Security

Contrast Security

Contrast Security is the leader in modernized application security, embedding code analysis and attack prevention directly into software.

K&D Insurance Brokers

K&D Insurance Brokers

K&D provide insurance for all sectors of industry and commerce including cyber risk cover.

Skkynet Cloud Systems

Skkynet Cloud Systems

Skkynet is a leader in real-time data systems for the secure management and control of industrial processes (SCADA) and embedded devices (M2M).

Saviynt

Saviynt

Saviynt is a leading provider of Cloud Security and Identity Governance solutions.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Edvance

Edvance

Edvance operates a range of cybersecurity businesses including value added cybersecurity solutions distribution, security technology innovation and development, and SaS solution offerings.

KOVRR

KOVRR

Kovrr enables (re)insurers to transparently predict and price cyber risk.

Next Horizon

Next Horizon

In the Next Horizon incubator, new disruptive models are being developed in Industry 4.0, Automated Driving and Internet-of-Things.

Hub One

Hub One

Hub one is a leading player in digital transformation with expertise in broadband connectivity, business solutions for traceability and mobility, IOT in industrial environments and cybersecurity.

BlackScore

BlackScore

BlackScore is a technology company seeking to disrupt risk assessment using AI-driven technology.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

Alkira

Alkira

Alkira has reinvented networking for the cloud era by delivering the network cloud, the first global unified network infrastructure with on-demand hybrid and multi-cloud connectivity.

Integris

Integris

Integris offers best-in-class services like dedicated vCIOs, specialized security and compliance advisory services, a 24/7 help desk, and more.

RiskSmart

RiskSmart

RiskSmart empower risk, compliance, and legal teams with a tech-led and data-driven platform designed to save time, reduce costs and add real value to businesses.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.

Cyber Capital Partners

Cyber Capital Partners

Cyber Capital Partners build strategic and financial partnerships with small and mid-sized cybersecurity companies in highly regulated markets.