Connect with us

Hi, what are you looking for?

HEADLINES

OPINION | Defeating cryptojacking

David Maciejak, Director of Security Research, Fortinet

By David Maciejak, Director of Security Research, Fortinet

Cryptojacking is a new step in the evolution of malware monetisation methods.

One of the first successful monetisation formulas was banking malware, where banking credentials were communicated back to cyber criminals. However the conversion of credentials into cash is not an easy one.

Ransomware was another step that made the process simpler − victims would wire money directly to the cybercriminals. However, ransomware is losing its effectiveness as more computer users become aware of the threat, and improve their security and backup procedures.

Cryptojacking has one main advantage over these two monetisation methods − if well designed, the mining process can run in the background without drawing attention to itself. In the best case, the user will be unaware that there is any extra processing going on. This makes it almost a “victimless crime” in the sense that the user may not be aware that there is a problem, as opposed to having a computer visibly disabled, losing precious documents, or having money stolen from bank accounts.

Advertisement. Scroll to continue reading.

The downside for cybercriminals hoping to profit from cryptojacking is that many victims are needed to gain enough resources to make significant profits. Ultimately, that will be the factor that decides whether cryptojacking will continue as an attack vector, or whether its popularity will wane as new techniques are found, and the malware evolution continues.

How should organisations tackle new and evolving forms of attack like cryptojacking?

Deciding on the right approach to cyber security is essentially a risk management process.

Organisations need to conduct detailed reviews covering the assets that may be at risk, the protection mechanisms in place, and the potential damage to the company should those assets be stolen or destroyed. Assets may be information-based (files, credentials or databases) or, as more devices such as video cameras and physical security access systems become connected to the corporate network, physical property.

The damage to firms in the event of an attack may be difficult to assess. Monetary losses from paying off ransomware attacks are easy to determine, but things like document loss,  related recovery costs,  reputational damage and legal liabilities caused by loss of customer data are harder to quantify.

Advertisement. Scroll to continue reading.

Cryptojacking losses are likewise tough to put a finger on. Servers which are mining in the background will have reduced resources for dealing with real work, affecting business productivity. Customer experience on public-facing servers can also be degraded.

These losses, whilst difficult to value, can be substantial and it becomes more important than ever to put in place a complete security solution covering all parts of an organisation’s network, from the access to the cloud. This solution should not only protect against attacks, but also continually monitor the security “health” of the network to identify potential weak points, and pinpoint and deal with breaches before real damage is done.

 

 

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement