Ransomware programs are increasingly attacking Linux: researchers shared disappointing statistics

The shifting priorities of cybercriminals are causing alarm among security experts.

Check Point's latest research has revealed significant changes in the cyber threat landscape, where experts have found a clear increase in ransomware attacks on Linux systems, especially ESXi, compared to the traditionally most vulnerable Windows systems.

Historically, ransomware attacks have mainly targeted Windows. Even the very first case of a ransomware attack, back in 1989, affected only computers running on the very first versions of Windows.

Only in 2015, with the advent of Linux.Encoder.1, did the active distribution of ransomware for Linux begin. And since 2020, there has been a significant increase in such attacks.

Check Point's analysis covers 12 major ransomware families that can attack both Linux and Windows. A feature of ransomware targeting Linux is its relative simplicity compared to its Windows counterparts. Many of these threats use the OpenSSL library with ChaCha20/RSA and AES/RSA encryption algorithms.

The Check Point study shows that ransomware targeting Linux often reduces its functionality to simple encryption, making it difficult to detect. The study pays special attention to attacks on ESXi systems and identifies vulnerabilities in open services as the main entry points.

Ransomware for Linux mainly targets servers inside large and medium-sized organizations, unlike the more versatile threats for Windows, which can attack literally every workplace. This indicates how targeted and complex such attacks are.

Comparing encryption techniques, Check Point found a preference for OpenSSL in ransomware for Linux, with AES and RSA as the main algorithms.

Thus, the rise in ransomware attacks on Linux systems, as shown by the Check Point study, is a vivid reminder of the ever-changing landscape of cyber threats. This highlights the need to strengthen the protection of Linux servers and systems in organizations, as well as constantly monitor and update security measures to combat the growing threat of ransomware and other attacks on this platform.
 