Attacks by cybercriminals follow a new strategy that sees Linux operating systems become the prime target for hacking computer networks.
Rather than attacking connected devices and then reaching high-value targets, cybercriminals attack the server directly, resulting in greater gains. In short, they complete the reverse path. Cloud services, in fact, allow access to sensitive information and critical infrastructures, whether public or private. The problem is that currently the defenses in place are designed for Windows-based threats, thus leaving Linux operating systems vulnerable.
Attacks on cloud environments.
The cloud proves to be one of the emerging challenges, and direct attacks are expected to grow in the next period due to the greater value attributed to these environments. A ransomware attack in these cases can have disastrous effects, when combined with the exfiltration of data according to the now successfully used system of double extortion. Not only are data encrypted but their disclosure is also threatened, to push the victim to give in to blackmail. Thus, if attacks aimed at cloud environments allow maximum results to be obtained with minimal effort, cyber criminals are increasingly looking for valuable resources in these environments.
Linux based cryptocurrencies.
Attacks called cryptojacking allows to take over cryptocurrencies for immediate gains. These are more difficult attacks to detect, since they do not completely block the operation of systems and therefore even more dangerous. Again the target are Linux-based platforms.
Last year hundreds of Linux OS-based devices were infected with mininig malware. According to the report prepared by WMware, 89% of Cryptojacking attacks use XMRig-related libraries.
