The last few years have given rise to a new & dangerous cyberthreat known as cryptojacking which is unlike typical malware — it does not demand ransom, spy or cripple enterprise systems or cause loss of data. We introduced the subject earlier and are re-iterating on the same with few additional pointers.
Enterprises should take this threat very seriously!
Increase in Cryptojacking attacks
In 2018, an Economic Times report observed that hackers were mining a fortune by running cryptocurrency scripts on Indian government websites, including the director of municipal administration of Andhra Pradesh, Tirupati Municipal Corporation and Macherla municipality. Seqrite’s Threat Report Q2 2019 also detected 19k cryptojacking attacks as against 17K in Q1, 2019 illustrating how this threat is seeing a rapid upsurge.
Since we already shared insights on the functionality of cryptojacking, here is some information on why cryptojacking is getting popular among the hacker community.
Why is Cryptojacking popular?
Less risk! Hackers love Cryptojacking because it is way less risky than planting ransomware in enterprise systems. In businesses worldwide, awareness of ransomware has grown. Hence, stakeholders are applying better and advanced solutions to protect against the same. This is not the same with Cryptojacking as this technique of infecting business machines is new.
While hackers can convince, say 4-5 businesses to pay, out of a 100 that they attack via ransomware, in cryptojacking they can ensure that all 100 machines that they attack work at full capacity to mine for cryptocurrency. This hacking technique is also very simple and does not require high technical skills. Cryptojacking kits can be easily picked up from the dark web for as less as $30.
For enterprises, cryptojacking attacks can lead to server outages and high costs of consumption. To prevent these attacks, they need to take the below-mentioned measures –
Ensure endpoint protection can detect these threats
As a threat which is on the rise, it is important for enterprises to update the endpoint protection solution they are using so they are able to detect and block cryptojacking threats. While like all other cyber threats, where the methods may constantly change, an updated security solution, such as Seqrite’s Endpoint Security, can detect and prevent cryptojacking attacks from happening.
Browser protection is key
Cryptojacking spreads by getting users to click on malicious links on websites which lead to the miner being installed on a system. The way to prevent this from happening is ensuring that browsers in the enterprise have strong protection installed which can prevent these scripts from running.
Use web filtering to block suspicious websites
Along with browser protection, it can be a good idea for enterprises to go one step further and use their web filtering solutions to block websites suspected of malicious activities such as cryptojacking from being accessed.
A strong MDM solution is important
Mobile Device Management (MDM) solutions like the Seqrite mSuite can prevent mobile devices from being infected by cryptojacking software offering cybersecurity for businesses that are also on-the-go.
Seqrite’s Unified Threat Management (UTM) solution offers ease of use and brings key security features such as network security, management, backup and recovery of data and other critical network services together under a single unified umbrella, preventing cryptojacking attacks at the source.