Much has been written about the evolution of the cybercriminal. Young hackers who attacked websites just for thrills have grown into well-organized, well-funded criminal operations. The dark web has created a marketplace for hacking tools and collaboration. As cybercriminals evolve and operate more like businesses, they’ve begun to prioritize ROI.
This is one of the biggest reasons why the number of cryptojacking attacks was nearly twice that of ransomware attacks in 2018, according to a recent report from IBM security. Remember that ransomware arose because stolen credit card numbers are worth only a few pennies these days. Now, fewer victims of ransomware attacks are actually paying the ransom as awareness of these attacks has increased and defenses have improved. Cryptojacking is where the money is.
In a cryptojacking attack, a hacker will hijack the processing power of a computer, laptop, mobile device or server to mine cryptocurrency. Rather than stealing an organization’s sensitive data, they steal compute power to solve the complex math problems required for cryptomining. Miners earn cryptocurrency for their efforts and as the value of bitcoin goes up, so do the profits.
Hackers typically gain access to the device by sending a phishing email that tricks a user into clicking a malicious link, which loads a crypto mining script to the device. They can also inject code into a legitimate website or online ad. The code is executed simply through exposure to the website or ad in the user’s browser. This is called in-browser cryptojacking.
The beauty of cryptojacking from the hacker’s perspective is in the ROI. Cryptojacking is more profitable than ransomware because every compromised device will mine cryptocurrency and continuously generate revenue. Use of botnets translates to more compromised devices and more profits. You can even buy cryptojacking kits for under $50 on the dark web, so you don’t have to be a technical genius. Also, there’s a much lower risk of being caught because cryptojacking is difficult to trace. Many users aren’t concerned about cryptojacking because no data is stolen or compromised.
That is often the question with cryptojacking. If the only thing being stolen is compute power, what’s the big deal? Well, cryptojacking will probably cause performance slowdowns, which affect user productivity. Device batteries could overheat and the devices themselves could fail. Meanwhile, increased power consumption means increased energy costs. Organization will also have to spend money to investigate these issues and potentially replace devices.
Fortunately, there are simple steps organizations can take to avoid cryptojacking. Most security software is capable of preventing cryptojacking scripts, and there are browser extensions that stop cryptomining and alert users to excessive consumption of resources. Just like awareness has resulted in a reduction of ransomware attacks, users need to be educated about what cryptojacking is, how it starts, how it works, and the warning signs, such as slow application performance.
Verteks can determine if cryptojacking is a problem for your organization and take steps to stop it. Let us help you implement the necessary tools and training to reduce the risk of cryptojacking and preserve valuable compute power for the business applications that need it.