2017 was the year when the word ransomware stopped being a term exclusive to cybersecurity experts and IT departments. The enormous media attention that attacks such as WannaCry and Petya/GoldenEye received turned this type of cyberthreat into one of the key trends for businesses last year.
But the constant evolution of cybercriminality has found a new mother-lode: cryptomining. It is no coincidence that bitcoin was included on Fundéu BBVA’s shortlist for word of the year in 2017, highlighting the impact that virtual currencies are currently having. And if there’s one group that knows this more than anyone, it’s cybercriminals, who have been able to develop a strategy of attacking third party computers and using them without consent to mine cryptocurrencies for their own financial gain. This has given rise to the concept that has irrefutably defined cybersecurity in 2018: cryptojacking.
2018, the year of cryptojacking
Back in March, we at Panda Security warned of the rise of cryptojacking as a threat to businesses, given the large amount of IT resources found in companies. As we explained, using malware, cybercriminals are able to leverage part of a device’s processing power in order to covertly mine cryptocurrencies; the victim notices nothing more than the slowing down of the device — an occurrence that they will most likely put down to something other than a cyberattack.
The year kicked off with several notable cases where such well known IT programs and websites as Microsoft Word, GitHub and YouTube were affected. But illegitimate cryptomining continues. We’ve recently seen new massive attacks: 200,000 MikroTik routers in Brasil were affected by one attack; CMS Drupal by another; and in China, a criminal group that had infected more than a million computers with cryptojacking tools over two years was arrested.
In light of all of this, it is perhaps unsurprising that in the first half of 2018 alone, there has been a 4,000% increase in the number of cryptojacking attacks on Public Administration. Conversely the number of ransomware cases fell 2% in the same period, according to data from the CNI (Spanish National Intelligence Center).
Other European countries have also been witness to this astronomical growth. In the United Kingdom, 59% of companies have been affected at one time or another by this cyberthreat, and 80% of the attacks that have been detected happened in 2018. This trend is also on the up in the Netherlands. The Dutch National Coordinator for Security and Counterterrorism warned that cryptojacking has become an “attractive and notable” cybercriminal strategy, and highlighted that criminals seek to illegally mine cryptocurrencies “more and more often”.
What to do in light of such a pessimistic landscape
First of all, don’t panic. By following a series of handy tips, your company can protect itself against possible incidents related to the cyberthreat de rigueur. Among the most indispensable tips on the list are:
- Carrying out periodical risk evaluations to identify possible vulnerabilities.
- Regularly updating all of the company’s systems and devices, and considering uninstalling software that isn’t being used.
- Protecting web browsers on endpoints with the installation of specific extensions that stop cryptomining by blocking malicious scripts.
- Thoroughly investigating any spikes in IT problems related to unusual CPU performance. If multiple employees report that their computers are slowing down or overheating, it could be a case of cryptojacking.
These actions need to be accompanied with the implementation of an advanced cybersecurity solution that provides key features such as detailed visibility of the activity on every endpoint, and that provides control of all running processes. This is what is provided by Panda Adaptive Defense, Panda Security’s cybersecurity suite, which is primed to protect all your company’s computers against any kind of cyberthreat, be it the classics, or the latest trends.