EDITOR’S QUESTION
WHAT CAN
ORGANISATIONS DO
TO PREVENT THE RISE
IN CRYPTOCURRENCY
MINING ATTACKS?
//////////////////////////////////////////////////////////////////////////////////////////////////////////
T
he global outbreak in malicious
cryptocurrency mining that unfolded
in 2018 saw the number of attacks
increase by more than 83%, with over five
million users attacked online in the first
three quarters of the year, compared to 2.7
million over the same period in 2017. The
major driver behind the crypto gold rush
was the installation and use of unlicensed
software and content, according to
Kaspersky Lab.
In 2018, malicious cryptocurrency mining
prevailed over the main threat of the last few
years – ransomware. The number of Internet
users attacked by malicious cryptocurrency
mining software increased steadily during
the first half of the year, peaking in March,
with around 1.2 million users a month
coming under attack.
Kaspersky Lab experts have investigated the
economic background of the sudden onset
of cryptomining fever to discover what drove
the global distribution of this threat. They
analysed the regulatory landscape, electricity
prices in the top 10 countries targeted by
cryptominers and main infection vectors for
the popular malware families.
The analysis shows that neither
cryptocurrency legislation nor the cost of
power has a significant impact on the spread
of malicious mining malware. However, the
investigation of malware families reveals
24
INTELLIGENTCIO
that they mainly infected devices by duping
users into installing pirated software and
unlicensed content.
“Our analysis of the economic background
of malicious cryptomining and the reasons
for its widespread presence in certain regions
revealed a clear correlation – the easier it is
to distribute unlicensed software, the more
incidents of malicious cryptominer activity
were detected,” said Kaspersky Lab security
expert Evgeny Lopatin.
“In short, an activity not generally perceived
as dangerous – the downloading and
installation of dubious software – underpins
what is arguably the biggest cyberthreat
story of the year, malicious cryptomining.”
Other key findings from the report include:
• The total number of users who
encountered miners rose by more
than 83% from 2,726,491 in 2017 to
5,001,414 in 2018
• The share of miners detected, from the
overall number of threats detected also
grew, from 5% in 2017 to 8% in 2018
• The share of miners detected, from the
overall risk tool detections is also on the
rise – from 9% in 2017 to 17% in 2018
• The total number of users who
encountered mobile miners also grew,
increasing by over five times from 1,986
in 2017 to 10,242 in 2018
To reduce the risk of infection with miners,
consumers and businesses are advised to:
1. Always keep software updated on all
the devices you use. To prevent miners
from exploiting vulnerabilities, use
tools that can automatically detect
vulnerabilities and download and
install patches
2. For personal devices, use a reliable
consumer security solution and
remember to keep key features – such as
System Watcher – switched on
3. Don’t overlook less obvious targets,
such as queue management systems,
POS terminals, and even vending
machines. As the miner that relied on
the EternalBlue exploit shows, such
equipment can also be hijacked to
mine cryptocurrency
4. Use application control to track
malicious activity in legitimate
applications. Specialised devices
should be in Default Deny mode.
Use dedicated security solution, such
as Kaspersky Endpoint Security for
Business that includes these functions
5. To protect the corporate environment,
educate your employees and IT teams,
keep sensitive data separate and
restrict access
www.intelligentcio.com