Story image

Australia ranks 8th as a global target for cryptomining attacks

26 Mar 2018

2018 is shaping up to be ‘the year of cryptomining’ as cybercriminals add the highly-profitable revenue stream to their arsenals, particularly as the ransomware market becomes too overpriced – and overcrowded.

Cryptominers, which enslave devices’ memory, CPU and power usage, can cause unwelcome side effects for some users. In some cases, miners can overhead batteries and render devices unusable. Enterprises can also experience network shutdowns and inflated cloud CPU usage, resulting in cost increases.

“Cryptomining is a rising threat to cyber and personal security,” comments Symantec’s chief technology officer – Pacific region, Nick Savvides.

“The massive profit incentive puts people, devices and organisations at risk of unauthorised coin miners siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”

The report says cryptomining is not illegal and some may see it as a better alternative to viewing ads or paying for content. Globally, cryptomining detections increased 8500% in 2017.

“The problems arise when people aren’t aware their computers are being used to mine cryptocurrency, or if cyber criminals surreptitiously install miners on victims’ computers or Internet of Things (IoT) devices without their knowledge,” it says.

“Now you could be fighting for resources on your phone, computer or IoT device as attacks use them for profit. People need to expand their defenses or they will pay for the price for someone else using their device,” Savvides adds.

Australia ranks second in Asia-Pacific Japan and eighth globally as a target for cryptomining, accounting for 2.8% of the global percentage.

Overall, attacks on Australia accounted for 1.06% of all global threat detections. It also ranked high as a target for threats including ransomware, phishing hosts, and web attacks.

The report also analysed the state of email malware. Spam email increased by 1.2% in 2017, accounting for 54.6% of all email detections. In Australia, 53.4% of emails were detected as spam.

The report found that bills, email delivery failures, legal/law enforcement, scanned documents, and package delivery rounded out the top five malicious email themes.

The most common keywords used in spam emails include standard words like delivery, mail and message; however words including ‘failed’, ‘invoices’, ‘images’ and ‘scanned’ also appeared on the top 10.

Globally, the overall phishing rate dropped from one in every 2596 emails in 2016 to one in 2995 in 2017.

Symantec says that as attackers evolve, there are many steps businesses can take to protect themselves. Here are some tips.

For businesses:

  • Don’t get caught flat-footed: Use advanced threat intelligence solutions to help you find indicators of compromise and respond faster to incidents.
  • Prepare for the worst: Incident management ensures your security framework is optimised, measurable and repeatable, and that lessons learned improve your security posture. Consider adding a retainer with a third-party expert to help manage crises.
  • Implement a multi-layered defense: Implement a multilayered defense strategy that addresses attack vectors at the gateway, mail server and endpoint. This also should include two-factor authentication, intrusion detection or protection systems (IPS), website vulnerability malware protection, and web security gateway solutions throughout the network.
  • Provide ongoing training about malicious email: Educate employees on the dangers posed by spear-phishing emails and other malicious email attacks, including where to internally report such attempts.
  • Monitor your resources: Make sure to monitor your resources and networks for abnormal and suspicious behavior and correlate it with threat intelligence from experts.

For consumers:

  • Change the default passwords on your devices and services: Use strong and unique passwords for computers, IoT devices and Wi-Fi networks. Don’t use common or easily guessable passwords such as “123456” or “password”.
  • Keep your operating system and software up to date: Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.
  • Be extra careful on email: Email is one of the top infection methods. Delete any suspicious-looking email you receive, especially if they contain links and/or attachments. Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content.
  • Back up your files: Backing up your data is the single most effective way of combating a ransomware infection. Attackers can have leverage over their victims by encrypting their files and leaving them inaccessible. If you have backup copies, you can restore your files once the infection has been cleaned up.
Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.