Security experts have warned IT teams to improve protection for Linux servers and IoT devices after observing an increase in threats targeting these systems.
WatchGuard Technologies’ latest quarterly Internet Security Report is based on analysis of over 26,500 active UTM appliances round the world.
It revealed that overall malware detection dropped by 52% from Q4 2016 to the first three months of this year as seasonal campaigns ceased.
However, despite that fall in detected malware volumes, Linux malware comprised more than a third (36%) of the top threats observed by WatchGuard during the period.
Among the top 10 threats detected by the firm were “Linux/Exploit”, “Linux/Downloader” and “Linux/Flooder”, the latter related to generic DDoS tools.
Linux Exploit is a generic detection rule used by WatchGuard to catch Linux trojans which usually infect devices before scanning related networks for others hosting Telnet or SSH services, attempting to log in using default credentials or via brute force. This was the MO of the infamous Mirai malware.
Jonathon Whitley, director at WatchGuard Technologies, argued that IoT devices are not designed with security in mind and frequently run on unsupported legacy operating systems
“Consequently it is essential that they are protected by robust IPS and AV to ensure any vulnerabilities are addressed before the IoT device is accessed,” he told Infosecurity.
Submitted by: Arnfried Walbrecht