Linux-based systems rule most of the systems that are used today. It is the foundation that the devices we have rely on, but Malware targeting on Linux systems is growing. WatchGuard Technologies released a report last week that analyzed data collected from more than 26,000 appliances worldwide. This report found three Linux malware programs for the first quarter of the year; in comparison to only one Linux malware system detected in the first quarter of last year.
Watchguard CTO Corey Nachreiner stated “Linux attacks and malware on the rise, and we believe this is because systemic weaknesses in IoT devices, paired with their rapid growth, are steering botnet authors towards the Linux platform.” IoT(Internet of Things) devices are inter-connected devices like smart devices that are connected to the internet. Being connected to the internet is what makes these devices vulnerable to malware, viruses, etc.
Nachreiner and Security Threat Analyst Marc Laliberte suggested that “blocking inbound Telnet and SSH, along with using complex administrative passwords can prevent the clear majority of potential attacks.”. The Mirai botnet made a splash last September and was a part of a large growth of Linux Malware at the end of last year. With such a large amount of IoT devices being used today, new vulnerabilities are open to new attackers. “It’s our belief that the rise we’re seeing in Linux malware is going hand in hand with the new target of the internet,” says Corey. However, makers of IoT devices haven’t really been making an effort to strengthen their security unfortunately. These makers have other goals, to make their devices work, to make them cheap, and to make them quickly. They don’t even really care about developing some sort of security during the development process.
Most IoT manufacturers use a very simplified and barebones version of Linux because the operating system requires minimal system resources to operate. With this desire to make their devices user-friendly, the developers used protocols that are user-friendly to hackers. “Attackers can gain access to these vulnerable interfaces, then upload and execute the malicious code of their choice,” says Paul Fletcher, cybersecurity evangelist at Alert Logic. In 2017, cyber-criminals use many little tricks to insert their malware in way to evade signature-based detection, therefore so many networks that use basic antivirus become victims of threats like ransomware.
Don’t become a victim, inform yourself more by keeping up to Royal IT Support’s Tech Blogs page to keep up to date with what’s going on in the tech world today.
Network Engineer, MCSE, CCNP
July 8, 2017 Categories: