Recent research conducted by Kaspersky reveals an alarming rise in cyberattacks using exploits against Linux systems. Data from the Kaspersky Security Network indicates a nearly 130% spike in attacks targeting Linux users over the same timeframe last year compared with this quarter’s timeframe.
Linux, known for its robust security features, has become a prime target for cybercriminals seeking vulnerabilities to exploit. Let’s delve into the details of this concerning trend.
Exploits on the Rise
Exploits are programs designed to leverage various vulnerabilities in cyberattacks. The latest data reveals an increase in attacks with exploits against Linux users. The research indicates that the peak was in Q4 2023, while the overall trend for growth is persisting in 2024, with an insignificant decline in Q1.
Popularity of Linux Systems
Linux is gaining traction in the desktop operating system market. According to Statcounter, its market share has grown, and the number of users increased. This trend quite accurately explains the growing threat landscape we witness for Linux. In the future, the number of exploits and attacks is likely to grow even more, underscoring the vital need for installation of patches and having a reliable security solution.
Critical Vulnerability Registrations
Kaspersky recorded a 65% increase in the number of registered CVEs (Common Vulnerabilities and Exposures) over the last four years, from 15,000 in 2019 to 25,000 in 2023. Moreover, during the last year, researchers and companies logged critical vulnerabilities three times more frequently than the research period average.
Recommendations for Corporate Cybersecurity
To ensure corporate cybersecurity, companies are recommended to follow this advice:
- Thoroughly understand your infrastructure and closely monitor its assets, with particular focus on the perimeter.
- Implement a Patch Management process to detect vulnerable software within the infrastructure and promptly install security patches.
- Conduct regular security assessments to identify and patch vulnerabilities before they become an entry point for an attacker.
- To protect the company against a wide range of threats, use solutions from Kaspersky Next product line that provide real-time protection, threat visibility, investigation, and response capabilities of EDR and XDR for organizations of any size and industry.