Cryptojacking Dethrones Ransomware as the Most Prevalent Cyber Attack Vector
October 13, 2018 by Akshay Makadiya
A new threat report by American cybersecurity firm Webroot indicates that cryptojacking was a more prevalent form of cyber attack than ransomware in the first half of 2018. As an effort to combat cryptojacking, researchers at Webroot recommend implementing a multi-faceted security approach that incorporates education programs designed to elevate awareness of the problem.
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
Cryptojacking Accounts for 35 Percent of All Cyber Attacks
The Webroot Threat Research Team noted that cryptojacking had supplanted ransomware to become the most popular attack vector among bad actors. Cybercriminals are pivoting to cryptojacking, which accounted for 35 percent of all cyber attacks in the first six months of 2018.
One reason for the shift is due to the fact that the illicit and non-consensual method of mining cryptocurrencies pays bad actors more money at less risk. To further maximize profits, cybercriminals are expanding their attack surface by targeting Internet-of-Things (IoT) devices, as per the threat report findings.
The Webroot report states that:
“Many criminals have moved on to easier, faster, and less-risky ways to benefit from cryptocurrency without using malware. Very profitable yet with a minimal criminal footprint, cryptomining works on any device—not just computers and phones, but even IoT devices like routers and TVs.”
Cryptojacking Activity Will Continue to Soar
Most cryptojacking attacks are designed to mine open-source and anonymous cryptocurrency Monero (XMR). Monero’s anonymity feature makes it easier for cybercriminals to hide their ill-gotten gains. Taking advantage of the anonymity, cybercriminals have tweaked their ransomware business model by demanding payments in cryptocurrencies instead of fiat.
The findings suggest that CoinHive, a web-based JavaScript program developed to mine Monero, is one of the biggest sources responsible for the cryptojacking epidemic. Although CoinHive mandates that all websites using its mining script should inform its users, most webmasters find it very easy to dodge the directive.
The Webroot research team believes that if the illegal mining spree continues, cryptojacking is estimated to account for three percent of global electricity consumption by 2020. Researchers are confident that the illegal crypto mining trend will only have escalated in the second half of the year.
Cybersecurity heavyweight McAfee Labs recently presented similar findings, stating that cryptojacking attacks on IoT devices have surged, while overall cryptojacking activity continues to multiply.
Employing a Layered Approach
The threat landscape is ever-changing as cybercriminals continuously evolve with new techniques to exploit vulnerabilities. Hence, analysts at Webroot believe that awareness and continuous security reinforcements are a must to decrease the impact of the attacks.
The mid-year report states:
“The best and only way to withstand evolving threats is to employ a layered approach: proven security technology that covers all threat vectors and is constantly kept up to date, coupled with sophisticated, ongoing end-user awareness training.”
Cryptojacking dominates the cyber attack space as criminals continue to follow the money. Researchers at Webroot claim that running security training campaigns can increase awareness among people and reduce the risk of falling victim to illicit mining attacks.
Does the rise of cryptojacking affect the entire crypto sector? Share your views in the comments section below.
Images via Pixabay
