DALLAS – A recent report shows how Linux operating systems are being targeted by cyber threats as organizations increase their digital footprint in the cloud.
The “Linux Threat Report 2021 1H: Linux Threats in the Cloud and Security Recommendations” presents research on the state of Linux cloud security in the first half of 2021.
The report from Trend Micro, a cybersecurity company, was released last month.
The “Linux Threat Report” identifies the pervasive threats that make up the Linux threat landscape.
For example, more than 13 million malicious events have targeted Linux-based cloud environments.
Ninety percent of public cloud workloads were running Linux in 2017, according to Trend Micro.
“Linux helps organizations get the most from their cloud-based environments and fuel their digital transformation strategies,” Trend Micro said.
Many Internet of Things (IoT) devices and cloud-based applications run on some version of Linux, making it “a critical area of modern technology to secure.”
Still, the report reveals that most detections come from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 through 7.9.
The report also shows that 200 different vulnerabilities have been targeted in Linux environments, which means that attacks on Linux likely take advantage of outdated software with unpatched vulnerabilities.
“It’s safe to say that Linux is here to stay, and as businesses continue to migrate to Linux-based cloud workloads, malicious actors will follow,” said Aaron Ansari, vice president of cloud security at Trend Micro.
“We have seen this as a top priority to ensure our customers have the best security for their workloads, regardless of which operating system they choose to run it on.”
Main Malware Families Affecting Linux Servers
- Coinminers (25%): The high prevalence of cryptocurrency miners is not surprising given the seemingly endless amount of computing power the cloud holds, which makes it the perfect environment for them.
- Web shells (20%): The recent Microsoft Exchange attack, which used web shells, showed the importance of patching against this type of malware.
- Ransomware (12%): The most prevalent was the modern DoppelPaymer ransomware family. However, other notable ransomware families also targeting Linux systems are RansomExx, DarkRadiation, and DarkSide.