I’m sure we can all agree that 2018 was the year of the cryptocurrency. The virtual currencies newfound popularity even stretched to our own shores with the RBZ eventually pouring cold water (or is it jecha) on that movement. Anyway, this popularity is exactly what made Cryptomining one of the most ideal ways to carry out a cyber attack. As it turns out attacks carried out through cryptomining were actually far more common than ransomware.
Here are some intriguing discoveries that were made by Check Point Research (CPR) in regards to attacks made by Cryptominers;
- Cryptominers infected 10x more organisations than ransomware in 2018, but only one in five IT security professionals were aware their company’s networks had been infected by mining malware.
- 37% of organisations globally were hit by cryptominers in 2018
- 20% of companies continue to be hit every week despite an 80% fall in cryptocurrency values.
Before you brush of CPR because you’re not entirely familiar with them, these are the same guys who discovered a flaw in WhatsApp’s encryption so they definitely know a thing or two about cybersecurity.
Why is cryptomining all the rage??
So why is crytpomining overtaking ransomware? Well, CPR explained the reasons pretty clearly,
-
Few victims actually pay the ransom
According to CPR, “Despite the high infection rate of large scale ransomware attacks such as WannaCry, for example, only $140,000 was earned in the attack. While this may seem like a lot, it is actually a small payment rate considering that over 400,000 computers were infected.”
-
The volatility of Cryptocurrency rates
CPR says “When ransom payments are demanded in bitcoin, it is crucial for the digital currency to have a favorable exchange rate to the dollar. This means the rate has to be optimal; not too high that the victim will be unlikely to pay, and not too low that it’s unprofitable for the attacker. In addition, while it is still very much a valuable currency, it has dropped hugely since mid-2017, making ransom payments, much less attractive when they’re paid.”
-
Cryptojacking malware is more effective
Apart from being more lucrative once-off, cryptominers are essentially getting a repeat customer when they sink their hooks. “Ransomware is highly visible and triggers alerts inside an organization. They may well be infected once, pay or not pay, but then they will take measures to keep it from happening again. Cryptojackers are stealthy, flying under the radar. They do not set off alerts or alarms and often their presence is unknown, which allows the attacker to hijack their target to generate income for as long as they wish, unbeknownst to their victims.”
Overall, the popularity of Cryptocurrencies gave cryptominers a backdoor to exploit on a wide scale because everyone wanted to get in on the action and the results are there for all to see.