A recent survey by Citrix, a software analysis firm, claims that one-third of UK firms and organizations have suffered from rampant cryptojacking attacks.
Cryptojacking Attacks on the Rise
Like many already know, cryptojacking is the process where hackers inject computers with a special form of malware that hijacks a computer’s processing power. The processing power is then used for mining cryptocurrencies. What’s even worse is that cryptojacking attacks can be so discreet that they often go completely unnoticed.
While cryptojacking attacks are nothing new in this day and age, they seem to have gotten out of hand recently, especially in the UK. In fact, analysts claim that 2018 has brought an entire wave of these attacks, which have reached near-epidemic proportions.
As mentioned, the attacks can remain unnoticed for a long time, and it mostly depends on the victim to realize that their computer is running slower than usual. Additionally, they might even notice that their computer’s fan is struggling more than it used to. These are essentially the only signs of a malicious activity that the computer will display on independently.
From the hackers’ point of view, cryptojacking attacks allow them to make a profit by mining crypto, but in a manner that doesn’t result in them utilizing their own processing power and other resources, like electricity. Such malicious processes are run in the background of the victim’s computer, so there is little to no chance of them being detected unless the victim is particularly tech-savvy and can quickly notice the signs of a hack.
Due to an increase in cryptojacking attacks, Citrix recently conducted a survey in order to determine the extent of the issue. According to results, over 59% of companies and organizations have discovered that their systems are infected with cryptojacking malware. Additionally, 80% of the firms surveyed uncovered the hack in the last six months. The results make sense, considering that this is the period when the popularity of cryptojacking attacks skyrocketed.
Nearly 60% of participants in this survey reported that the attack they experienced affected fewer than 50 computers. However, there is also 10% of the participants that have noticed over 100 infected machines within their organization. In one-third of these cases, the malware was discovered through network monitoring, while another third stated that the malware was discovered by their workers’ independent efforts.
Companies Not Prepared to Deal with Malware Attacks
Even though a large increase in these attacks, over 20% of these businesses admitted that they have no contingency plans prepared for such a situation. Not only that, but they don’t even hold access to proper cybersecurity defense methods to fend off a cryptojacking attack.
Until recently, ransomware was the most popular form of cyberattack, but that has changed with the increase in popularity of cryptocurrencies. Now, mining malware is the most popular choice for hackers around the world. Computers remain vulnerable, while the mining software is also relatively easy to inject into the machines. Furthermore, as aforementioned, the malware is so stealthy that it can remain undetected for a long time.
While cryptojacking is still largely considered to be a form of a cyberattack, it can still be used legally. In fact, it is used by some websites instead of ads and similar revenue models. One of the best examples of this is The Pirate Bay, a well-known internet pirating site, which has been ‘legally’ cryptojacking site visitors for months now.
Another interesting thing is that many analysts have defended this type of attacks, and have even gone as far as to say that they do not cause a lot of inconvenience for the victims. Many believe that this is a primary reason why these attacks have become so successful while continuing to explode in popularity. Still, when it comes to businesses, it is important for them to protect themselves against every threat, including those that are only using their processing power.
Due to more and more cases of businesses suffering from this form of an attack, it is advised for all firms to take additional steps in ensuring their cyberprotection. Remaining unprepared is simply not an option for companies that are serious about protecting their resources.