Linux is a coveted target. It is the host operating system for numerous application backends and servers and powers a wide variety of internet of things (IoT) devices. Still, not enough is done to protect the machines running it.
“Linux malware has been massively overlooked,” says Giovanni Vigna, senior director of threat intelligence at VMware. “Since most of the cloud hosts run Linux, being able to compromise Linux-based platforms allows the attacker to access an enormous amount of resources or to inflict substantial damage through ransomware and wipers.”
In recent years, cybercriminals and nation-state actors have targeted Linux-based systems. The goal was often to infiltrate corporate and government networks or gain access to critical infrastructure, according to a recent VMware report. They leverage weak authentication, unpatched vulnerabilities, and server misconfigurations, among others.