13 million attacks on Linux-based clouds


Trend Micro has seen nearly 13 million malware attacks on Linux-based cloud environments. In the first half of 2021, coinminers, webshells and ransomware accounted for 56 percent of attacks on Linux operating systems.

Trend Micro, one of the world's leading providers of cybersecurity solutions, has published its report on the current security status of Linux systems in the first half of 2021. The study provides a detailed insight into how Linux operating systems are increasingly targeted by attackers due to the ongoing cloud transformation. It also examines other common threats in the Linux environment.

Ninety percent of public cloud workloads use Linux

In 2017, 90 percent of public cloud workloads were running on Linux. According to Gartner, “the increasing interest in cloud-native architectures raises the question of the future virtualization needs of servers in data centers. A Linux OS-based virtualization is most often used, which forms the basis for containers.” (1) Linux supports companies in the use of cloud-based environments and in digital transformation. Many modern IoT devices, cloud applications and technologies run on a Linux variant, which must be protected as an important part of modern infrastructures.

Cloud: SSH is becoming a target

A look at Shodan, a search engine for the Internet of Things, shows a striking result for port 22, the port commonly used for the Secure Shell Protocol (SSH) on Linux-based machines: almost 19 million devices connected to the Internet expose this port and can become the target of an attack. With just under 1.7 million open ports, Germany is in second place worldwide, after the USA (just under 6.8 million).

The study analyzes the main malware families that have attacked Linux servers in the past six months. The Trend Micro researchers identify the following types of malware:

  • 25 percent coin miners - The widespread use of cryptocurrency miners is no surprise given the large computing power of the cloud. High-performance cloud environments make them particularly attractive to use.
  • 20 percent webshells - The latest attack on Microsoft Exchange using webshells shows how important it is to install patches against this malware variant.
  • 12 percent ransomware - DoppelPaymer represents the largest share of ransomware, followed by the ransomware families RansomExx, DarkRadiation and DarkSide, which also target Linux operating systems.

“Linux has established itself permanently as an operating system in companies. With the ongoing migration to Linux-based cloud workloads, however, cybercriminal actors will also increasingly attack them,” emphasizes Udo Schneider, IoT Security Evangelist Europe at Trend Micro. “That is why we see it as our main task to provide our customers with the best possible protection across their workloads - regardless of which operating system is used.”

Outdated Linux systems are weak points

As the study shows, most of the vulnerabilities originated in systems with outdated versions of Linux distributions, including 44 percent from CentOS versions 7.4 to 7.9. In addition, 200 different vulnerabilities in Linux environments were exploited in just six months. According to this, cyber criminals are very likely to exploit outdated software with unpatched security holes on Linux systems. The complete Linux Threat Report for the first half of 2021 "Linux Threats in the Cloud and Security Recommendations" can be accessed online.

More at TrendMicro.com

 


About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.


 
