Cryptojacking Continues Troubling CISOs
Accenture Security firm has released a Cyber Threatscape report revealing that crypto jackers and other cybercriminals have been utilizing more cryptocurrency mining malware and the current method of operations by these criminals is set to move onto next year as malware shifts its attention towards alternative coins, especially Monero tokens.
However, the most unpleasant uncovering is that over 70 percent of those involved in the study, especially CISOs of many companies are saying that cyber-attacks remain in a grey area and many of these information officers have no idea how to deal with them or what their effect will be.
On the long run, this proves to be a significantly worrying situation. Last month, Skybox Security, one of the top companies in the world in terms of cybersecurity, published a report that revealed a significant amount of all cyber-attacks, 32 percent to be precise as a result of cryptocurrency mining, climbing over the most common and popular form of digital crime, ransomware. Ransomware is essentially a virus that infects a computer, locks all files on its operating system and essentially holds them hostage until the ransom has been paid.
Additionally, the threat itself is becoming more concerning as several incidents have proven, including Tesla’s AWS discovered to be secretly operating cryptocurrency mining malware earlier this year and the investigation in China which led to the arrest of 20 criminals involved in crypto jacking. Over $2.2 USD was illegally mined by the criminal group over a two-year period. Additionally, this week of August has been beneficial in terms of speculating on several cases involving illegal mining.
Calculations revealed that around 6000 individuals may have been compromised due to downloading a game called “Abstractism” from the popular gaming platform, Steam. As a result of these downloads, many people were exposed to a hacking attack by the Coinhive crypto jacking scheme that hacked into specifically exposed MikroTik routers. McAfee, one of the world’s top cybersecurity companies, posted on their blog and saying that the attack may possibly become a global one as a result of almost two million exposed routers operating all over the world.
Several cybersecurity experts have provided advice in terms of protecting one’s self from these attacks. According to Ben Ball of BlueCat, he states that crypto jacking schemes share a common factor in that they must communicate outwards and believes that DNS may provide the most efficient method of catching these threats in time and shutting down crypto jacking operations.
CSSE of McAfee, Gary Davis, has suggested paying attention to online warnings being posted. He states that companies and manufacturers of online and internet products will send out warnings when an issue has been detected. He also highly recommends securing your internet connection at home.