September 2, 2022

Cybersecurity researchers from Trend Micro have noted a jump of 75% over the previous year in the number of ransomware attacks on Linux users.

In addition to ransomware groups, there is also a 145% increase in Linux-based cryptocurrency mining malware attacks. In this case, the attackers secretly exploit the power of infected computers and servers to mine for cryptocurrency for themselves.

Hackers are generally motivated to target industries where they know that there is a high possibility of making money. Therefore, encrypting Linux systems could be lucrative, given how quickly attacks on Linux servers increase.

One of the identified strategies that cyberattacks use to compromise Linux systems is to exploit unpatched vulnerabilities. The report identified one of the vulnerabilities known as Dirty Pipe. Dirty Pipe tracked as CVE-2022-0847 affects the Linux kernel version 5.8 and higher, which attackers can use to elevate privileges and execute code.

To protect Linux systems from cyberattacks, researchers recommend applying all security patches as quickly as possible to prevent attackers from exploiting publicly available exploits.

It is also important that organizations apply multi-factor authentication throughout the ecosystem. MFA will provide an additional level of defense and prevent ransomware hackers from carrying out lateral movements across the network.

The sources for this piece include an article in ZDNet.