Malware Attacks Target Linux-based Operating Systems

Trend Micro has found that Linux operating systems are being targeted, with nearly 13 million malware detections in the first half of 2021. This is happening as organisations increase their digital footprint in the cloud, which in turn expands the Linux threat landscape. That is especially important as, according to Trend Micro, 90% of public cloud workloads run on Linux.

These findings are in Trend Micro's latest Linux Threat Report, which investigates the top malware families affecting Linux servers during the first half of 2021.

Key points include:

  • Top malware families include: Coinminers (25%), Web shells (20%) and Ransomware (12%). The most prevalent detected was the modern ransomware family DoppelPaymer. Other notable ransomware families seen targeting Linux systems are RansomExx, DarkRadiation and DarkSide.
  • Attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities, with most detections arising from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 to 7.9.
  • CentOS Linux (50.8%) and CloudLinux Server (31.24%) are the top Linux distributions on which the threat types were found, while web application attacks are the most common attack vector.

Linux allows organisations to make the most of their cloud-based environments and power their digital transformation strategies. Many modern IoT devices, cloud-based applications and technology run on some variation of Linux, making it a critical area of technology to secure. “In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority,” commented John Breen, Global Head of Cybersecurity at the industrial control systems company Flowserve.

“It’s safe to say that Linux is here to stay, and as organisations continue to move to Linux-based cloud workloads, malicious actors will follow... We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on,” said Aaron Ansari, vice president of cloud security for Trend Micro.

The report reveals that most detections arose from systems running end-of-life versions of Linux distributions. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months.

This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.
