Malware Attacks Target Linux-based Operating Systems

Trend Micro has found Linux operating systems are being targeted, with nearly 13 million malware detections in the first half of 2021. This is happening as organisations increase their digital footprint in the cloud and increase the Linux threat landscape. That is especially important as, according to Trend Micro, 90% of public clouds workloads run on Linux. 

Theses findings are in the Trend Micro's latest Linux Threat Report which investigates the top malware families affecting Linux servers during the first half of 2021.

Key Points include:-

  • Top malware families include: Coinminers (25%), Web shells (20%) and Ransomware (12%). The most prevalent detected was the modern ransomware family, DoppelPaymer. Other notable ransomware families seen targeting Linux systems as well are RansomExx, DarkRadiation, and the DarkSide.
  • Attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities, with most detections arose from systems running end-of-life versions of Linux distributions including 44% from CentOS versions 7.4 to 7.9.
  • CentoS Linux (50.8%) and CloudLinux Server (31.24%) are the top Linux distributions with the found threat types, while web application attacks happen to be the most common attack vector.

Linux allows organisations to make the most of their cloud-based environments and power their digital transformation strategies and many modern IoT devices, cloud-based applications and technology run on some variation of Linux, making it a critical area of technology to secure. “In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority,” commented John Breen, Global Head of Cybersecurity at the industrial control systems company Flowserve

“It’s safe to say that Linux is here to stay, and as organisations continue to move to Linux-based cloud workloads, malicious actors will follow... We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on.”said Aaron Ansari, vice president of cloud security for Trend Micro. 

The report reveals that most detections arose from systems running end-of-life versions of Linux distributions. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months.

This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.

Trend Mirco:

You Might Also Read:

Detecting & Mitigating Cyber Attacks:

 

« AWS Marketplace presents: How to integrate security into the DevOps pipeline
The Cyber Security Market Is Booming »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

IOActive

IOActive

IOActive serves as a trusted security advisor to the Global 500 and other progressive enterprises, helping to safeguard their most important assets and improve their overall security posture.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Cyber Discovery

Cyber Discovery

Cyber Discovery, the UK Government's Cyber Schools Programme, is a learning programme designed to give young people the opportunity to learn the skills needed to enter the cyber security profession.

Data Theorem

Data Theorem

Data Theorem is a leading provider in modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere.

Rede Nacional CSIRT

Rede Nacional CSIRT

Rede Nacional CSIRT is a national network of CSIRTs in Portugal aimed at cooperation and mutual assistance in the handling of incidents and in the sharing of good security practices.

Noblis

Noblis

Noblis is a dynamic science, technology, and strategy organization dedicated to creating forward-thinking technical and advisory solutions in the public interest.

SafeStack Academy

SafeStack Academy

SafeStack Academy is an online cyber security and privacy education platform. Our content is designed by experts to suit small businesses, growing companies, and development teams.

Assure IT

Assure IT

Assure IT is a Singapore company specialising in technology governance, risk and compliance.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

Gilsbar

Gilsbar

For more than half a century, Gilsbar has offered insurance service solutions and support for businesses and their employees.

ANSSI Burkina Faso

ANSSI Burkina Faso

ANSSI is responsible for managing the security of information systems and cyberspace in Burkina Faso.

Mogwai Labs

Mogwai Labs

Mogwai Labs deliver cutting-edge penetration tests, security assessments and trainings, to safeguard your applications, networks and cloud environments from cyber threats.

BlazeGuard

BlazeGuard

At BlazeGuard, we understand that navigating the complex world of cybersecurity can be challenging. That’s why we make it our mission to simplify the process for you.

Boston Government Services (BGS)

Boston Government Services (BGS)

Boston Government Services is an engineering, technology, and security firm providing mission-focused solutions for the clean energy, nuclear, and federal programs markets.

UberEther

UberEther

UberEther are a dedicated group of software developers and consultants developing and deploying the next generation of identity management and cloud solutions.