"There has been a big increase in ransomware attacks targeting Linux," reports ZDNet.
According to one analysis of cybersecurity researchers at Trend Micro, Linux servers are "increasingly under fire" from ransomware attacks, with detections up 75% over the past year as cybercriminals look to expand their attacks beyond Windows operating systems.
Linux is heavily used as a server operating system, which makes it a very attractive target for ransomware gangs — especially when the lack of threats to Linux systems compared to Windows means that cybersecurity teams choose to focus primarily on defending Windows networks . Researchers report that ransomware groups are increasingly tailoring their attacks to specifically target Linux systems.
For example, LockBit is one of the most prolific and successful ransomware of recent years, now it also offers a Linux variant that is designed to target Linux systems and has already been used to carry out attacks.
And it's not just ransomware groups that are increasingly turning their attention to Linux – according to Trend Micro, there's been a 145% increase in attacks maliciousυ λογισμικού εξόρυξης κρυπτονομισμάτων που βασίζονται σε Linux, όπου οι εγκληματίες του κυβερνοχώρου εκμεταλλεύονται κρυφά τη δύναμη των μολυσμένων computers and servers to mine for cryptocurrencies for themselves.
One of the ways cybercriminals compromise Linux systems is by exploiting unpatched vulnerabilities.
According to the report, these flaws include CVE-2022-0847 — also known as Dirty Pipe — a bug that affects the Linux kernel from versions 5.8 and up. Attackers can use this vulnerability to escalate their privileges and run malicious code. The researchers warn that this bug is "relatively easy to exploit".
The article recommends that you install all of the security updates once they are released — and implement multi-factor authentication factors in your business.