Cloud computing services have grown with hybrid working, leading to greater adoption of Linux-based platforms
Report of Trend Micro, a world reference in cybersecurity solutions, reveals that ransomware groups have increasingly targeted servers that use the Linux operating system. In the first half of 2022 alone, an increase of 75% in threats against structures of this type was recorded, compared to the same period last year.
This abrupt growth is attributed to the rise of cloud computing services, which use platforms based on Linux, so necessary in this era of hybrid work. “Cloud visibility is particularly important given the continued emergence of new cybercriminal groups. Unpatched vulnerabilities and misconfigured environments open the door for attackers, who are increasingly focusing on specific targets to gain greater financial advantage,” said Jon Clay, Vice President of Threat Intelligence at Trend Micro.
The report points to an increase of more than 57% in digital offensives against companies in the first half of 2022, as blocking 63 billion attacks in the period, against 40 billion in the first half of 2021. government, industry and healthcare were most targeted by cybercriminals.
“We know that many organizations are struggling to manage the security of the environment, given the new ways of working, and therefore it is essential that they improve the mapping, understanding and protection of the surface of digital attack”, highlights Cesar Candido, general director of Trend Micro in Brazil.
The detection of attacks Ransomware-as-a-Service grew in the first half of 2022, with almost twice as many registrations in six months. Big players such as LockBit and Conti saw an increase of 500%, compared to the previous year. This crime model has generated significant profits for ransomware developers and their affiliates.
New ransomware groups are popping up all the time. In this first semester, the highlight is Black Basta, a group that reached 50 organizations in just two months. While many criminals prefer “big game-hunting” with chasing large targets, small and medium-sized businesses are becoming increasingly popular with attackers.
One of the main vectors of ransomware is exploiting vulnerabilities. Trend Micro's Zero Day initiative issued advisories on 944 vulnerabilities during the period, representing an increase of 23%. The number of published critical bug notices has grown by about 400%.
APT (Advanced Persistent Threat) groups continue to improve their methods, employing expansive infrastructure and combining various malware tools. The 10x increase in the number of detections is further proof that threat actors are increasingly integrating Emotet as part of their strategies.
Other categories of attacks also showed growth. According to Trend Micro's report, scams targeting the use of Linux systems for cryptocurrency mining more than doubled, with 145% volume higher in this first half, compared to the same period in 2021.
