Cyberattacks Targeting Linux Users Skyrockets

Cybersecurity researchers at Trend Micro have identified a 75% leap year-over-year in the number of ransomware attacks targeting Linux users.

Apart from ransomware groups, there is also a 145% increase in Linux-based cryptocurrency-mining malware attacks. In this case, the attackers secretly exploit the power of infected computers and servers to mine for cryptocurrency for themselves.

Hackers are generally motivated to target industries where they know there is a high possibility of making money. Therefore, encrypting Linux systems could be lucrative judging by how fast attacks targeting Linux servers are increasing.

One of the identified strategies used by cyberattacks to compromise Linux systems is by exploiting unpatched vulnerabilities. The report identified one of the flaws known as Dirty Pipe.

Dirty Pipe is tracked as CVE-2022-0847 and it affects the Linux kernel from version 5.8 and up which attackers can use to escalate their privileges and run code.

To protect systems from cyberattacks, researchers recommend that all security patches be applied as soon as possible. This will prevent attackers from taking advantage of publicly available exploits.

It is also important that organizations apply multi-factor authentication across the ecosystem. MFA will provide an additional layer of defense and prevent ransomware hackers from conducting lateral movement across the network.

“New and emerging threat groups continue to evolve their business model, focusing their attacks with even greater precision. That’s why it’s essential that organizations get better at mapping, understanding, and protecting their expanding digital attack surface,” said Jon Clay, VP of threat intelligence for Trend Micro.

The sources for this piece include an article in ZDNet.