Linux cloud environments face an onslaught of malware attacks

Cloud Security
(Image credit: laymanzoom / Shutterstock)

Linux systems are being bombarded by an increasing number of cyberthreats, a new report has uncovered.

The findings from Trend Micro looking into the state of Linux security in the first half of 2021, examined 13 million security incidents, revealing interesting insight into the threats faced by the open source operating system.

The report comes when an increasing number of businesses are migrating their operations to the cloud, a majority of which are powered by Linux-based server distros.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

"It's safe to say that Linux is here to stay, and as organizations continue to move to Linux-based cloud workloads, malicious actors will follow," said Aaron Ansari, vice president of cloud security for Trend Micro.

The IT security company argues that Linux enables businesses to extract the maximum potential from their cloud-based environments, which has helped it become a key component in most digital transformation strategies, and a critical aspect “of modern technology to secure.”

Don’t run outdated software

Trend Micro’s analysis shows that threat actors exploited about 200 different vulnerabilities to attack unpatched servers.

“The applications affected by these 200 vulnerabilities have a few clear targets, including WordPress or Apache Struts, but services such as Atlassian JIRA, dnsmasq, and Alibaba Nacos aren't the first ones a security expert would automatically assume to be in attackers’ crosshairs,” notes the report.

Interestingly, the report notes that a majority of the attacks on Linux target outdated software with unpatched vulnerabilities. For instance, most of the detections in the report came from systems running end-of-life versions of the Linux server distros, including 44% from CentOS versions 7.4 to 7.9.

The report also gives a breakdown of the top malware families that targeted Linux servers during the first half of 2021, with 25% being cryptocurrency miners, 20% being web shells, and 12% being ransomware.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.