Cryptojacking more valuable than stealing data?

By Dylan Bushell-Embling
Monday, 12 March, 2018

Cryptojacking more valuable than stealing data?

The escalating value of Bitcoin and other cryptocurrency means that cryptojacking can be more valuable to cybercriminals than an organisation's data itself, according to Fortinet's latest Threat Landscape report.

Cryptojacking refers to hijacking an individual or organisation's computing power to mine for cryptocurrencies through malware or website script… with the latter being a legal grey area.

Fortinet's report found that the prevalence of cryptomining malware has grown worldwide. Individuals who access Bitcoin trading websites on work devices are opening their organisations up to risk, as these are the most targeted with malware.

Cryptojacking can take multiple forms, but the report identified three primary trends, each with a unique approach.

The first involves injecting JavaScript into vulnerable websites, the second involves using social engineering to attempt to get victims to download cryptomining malware and the third involves an increase in ransomware demands for alternative cryptocurrencies due to the increasingly unpredictable nature of Bitcoin's value.

The report meanwhile found that attackers are implementing swarm-like capabilities in their cyber attacks while simultaneously targeting multiple vulnerabilities, devices and access points.

There was an unprecedented volume of attacks during the fourth quarter of 2017, with an average of 274 exploits detected per company, up by 82% over the previous quarter. Meanwhile, the number of malware families increased by 25% and unique variants by 19%.

In Australia, attacks are particularly concentrated on the healthcare and education sectors, which could be down to lower than average internet hygiene among users in these sectors as well as the high rates of BYOD use among universities and high schools.

The report also identified an upswing in IoT attack intensity, with three of the top 20 attacks during the quarter targeting IoT devices while exploit activity quadrupled against devices like Wi-Fi cameras.

Other prevalent threats in the APAC region include ransomware, sophisticated malware targeting industrial control systems and stenography attacks — which involve embedding malicious code into images.

Image credit: © Caputo

Follow us and share on Twitter and Facebook

Related News

Cyberwar has begun, security professionals say

The world is currently in the middle of a cyberwar, according to 87% of security professionals.

Cybercrooks capitalise on Christchurch tragedy

CERT NZ has identified multiple attempts by cybercriminals to profit from the attention being...

Privacy sweep shows big compliance gaps

Only half of respondents to a global sweep of data protection practices among organisations in 18...

  • All content Copyright © 2019 Westwick-Farrow Pty Ltd