HONG KONG SAR - Media OutReach -
30 August 2021 - Trend Micro, a global cybersecurity leader, today released new research on the state of
Linux security in the first half of 2021. The report gives valuable insight
into how Linux operating systems are being targeted as organizations increase
their digital footprint in the cloud and the pervasive threats that make up the
Linux threat landscape.
To read the full report,
Linux Threat Report 2021 1H: Linux Threats in the Cloud and Security
As of 2017, 90% of
public cloud workloads ran on Linux. According to Gartner®, "Rising
interest in cloud-native architectures is prompting questions about the future
need for server virtualization in the data center. The most common driver is
Linux-OS-based virtualization, which is the basis for containers.1"
organizations to make the most of their cloud-based environments and
power their digital transformation strategies. Many of today's most
cutting-edge IoT devices and cloud-based applications and technology run on
some flavor of Linux, making it a critical area of modern technology to secure.
"In the industry,
we see some very creative attacks and we have to stay ahead. Protecting the
company, our employees, and our intellectual property is a priority,"
says John Breen, Global Head of Cybersecurity
at Flowserve. "We'll continue to work closely and collaborate with Trend
Micro to ensure our people and our company remain protected."
The report investigates
the top malware families affecting Linux servers during the first half of 2021,
with the top malware types being:
- 25% Coinminers –
The high prevalence of cryptocurrency miners is of little surprise given the
clear motive: the seemingly endless amount of computing power the cloud
holds makes it the perfect environment.
- 20% Web shells –
The recent Microsoft Exchange attack, which leveraged web shells, showed the
importance of patching against this type of malware.
- 12% Ransomware –
The most prevalent family detected was the modern ransomware family DoppelPaymer;
however, other notable ransomware families seen targeting Linux systems
include RansomExx, DarkRadiation, and DarkSide.
"It's safe to say
that Linux is here to stay, and as organizations continue to move to
Linux-based cloud workloads, malicious actors will follow," said Aaron Ansari, vice president of cloud security for Trend
Micro. "We have seen this as a main priority to ensure our customers
receive the best security across their workloads, no matter the operating
system they choose to run it on."
The report revealed that
most detections arose from systems running end-of-life versions of Linux
distributions, including 44% from CentOS versions 7.4 to 7.9. In addition, 200
different vulnerabilities were targeted in Linux environments in just six
months. This means attacks on Linux are likely taking advantage of outdated
software with unpatched vulnerabilities.
GARTNER is the registered trademark and service mark of Gartner Inc.,
and/or its affiliates and has been used herein with permission. All rights reserved.
1 Gartner - Rationalizing Applications and
Infrastructure for Cloud Delivery, Philip Dawson, 28 May 2021