Contrary to Popular Belief, Linux Systems Are Now Receiving Their Fair Share of Cyberattacks

The idea that "Linux is more secure than Windows" usually comes down to skewed perception. Much popular Windows software is maintained by Microsoft. An equivalent Linux system would heavily rely on 3rd party. Thus Linux escapes blame for many software vulns, Windows doesn't. - Marcus Hutchins


What happened between the start of the COVID-19 pandemic and its peak? More people went online for work, school, entertainment, and more. As a result, it has been reported that over 73% of information technology security decision-makers are concerned about the growing digital attack surface.

A report released by Trend Micro has revealed several interesting trends and developments within the cybersecurity space. One key finding is the continued growth of threat detections, which have increased exponentially since the pandemic forced greater adoption of digital functions.

The report states that many IT decision-makers are concerned about rapid digitalization, with 43% claiming that the digital attack surface is spiraling out of control and 37% describing it as constantly evolving and messy.

“In light of the challenges faced by IT professionals, it is clear that there is a need for improved investment and understanding of the cyber-attack landscape,” the report says in part.

Additional highlights in the report include the following:

  • While new malware tends to receive the lion’s share of the spotlight, the first half of 2022 saw a significant resurgence of an old favourite, the commodity malware Emotet. Despite its infrastructure being taken down in 2021, the report showed detections of the botnet increased from 13,811 in H1 2021 to 148,701 in H1 2022.
  • Cyber warfare is a growing trend, with prominent groups launching attacks on Ukrainian targets before and during the conflict with Russia. In addition, other threat actors are targeting individuals outside of the conflict, capitalizing on curiosity and sympathy. Turning their attention away from dwindling interest in Covid-19, many are now using requests for donations as a guise for their spam emails. According to a recent report from Interpol, online scams through text messages and email top the list of most prominent threats in Africa. This is supported by Trend Micro’s regional statistics for H1 2022, which show well over 2.4 million blocked emails in the region.
  • Ransomware as a service (RaaS) continues to grow as a threat, with LockBit, Conti, and BlackCat at the helm. This profitable approach to cybercrime gives would-be cybercriminals access to tools and infrastructure that otherwise would not have been available to them. The RaaS model places the responsibility for infection on affiliates, giving developers a layer of protection and additional time in which to evolve their malware. The growing popularity of this approach is largely responsible for the 2.5 million detections worldwide, of which nearly 200,000 occurred in Africa.

  • Linux systems have become an attractive option for malicious actors looking to concentrate on servers and embedded systems, both areas where Linux is expected to see growth in the next few years. The new focus on the operating system became clear in H1 2022, which saw a 75% increase in ransomware attacks targeting Linux machines. This emerging trend is concerning to organizations because the targeted systems form part of their critical infrastructure, and successful attacks have the potential to deal significant damage.
  • As investment in cloud computing in Africa continues to grow, new security challenges are emerging. At the top of this list are cloud tunneling and containers. While cloud tunneling allows users to swiftly deploy assets and services, it can also prevent full visibility of the deployed assets. Trend Micro found attackers are taking advantage of this by launching attacks in unconventional places where IT teams tend not to look. Similarly, containers offer organizations increased speed and efficiency in their development cycles. However, many have failed to implement proper security controls, which can lead to compromise at various stages of the pipeline. Misconfigured container software remained a top concern in H1 2022, with 53% of respondents in a recent Red Hat survey reporting that a misconfiguration had been detected in their containers.


“Although most detections and attacks are still aimed overseas, it is crucial that Africa invest in improved security measures. A critical part of this investment must be focused on resolving the skills shortage. While a comprehensive security solution like Trend Micro One can provide your systems with protection, skills development programs will play a key role in ensuring a safe future,” says Emmanuel Tzingakis, technical lead of sub-Saharan Africa.