2018 is shaping up to be ‘the year of cryptomining’ as cybercriminals add the highly-profitable revenue stream to their arsenals, particularly as the ransomware market becomes too overpriced – and overcrowded.
Cryptominers, which enslave devices’ memory, CPU and power usage, can cause unwelcome side effects for some users. In some cases, miners can overhead batteries and render devices unusable. Enterprises can also experience network shutdowns and inflated cloud CPU usage, resulting in cost increases.
“Cryptomining is a rising threat to cyber and personal security,” comments Symantec’s chief technology officer – Pacific region, Nick Savvides.
“The massive profit incentive puts people, devices and organisations at risk of unauthorised coin miners siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”
The report says cryptomining is not illegal and some may see it as a better alternative to viewing ads or paying for content. Globally, cryptomining detections increased 8500% in 2017.
“The problems arise when people aren’t aware their computers are being used to mine cryptocurrency, or if cyber criminals surreptitiously install miners on victims’ computers or Internet of Things (IoT) devices without their knowledge,” it says.
“Now you could be fighting for resources on your phone, computer or IoT device as attacks use them for profit. People need to expand their defenses or they will pay for the price for someone else using their device,” Savvides adds.
Australia ranks second in Asia-Pacific Japan and eighth globally as a target for cryptomining, accounting for 2.8% of the global percentage.
Overall, attacks on Australia accounted for 1.06% of all global threat detections. It also ranked high as a target for threats including ransomware, phishing hosts, and web attacks.
The report also analysed the state of email malware. Spam email increased by 1.2% in 2017, accounting for 54.6% of all email detections. In Australia, 53.4% of emails were detected as spam.
The report found that bills, email delivery failures, legal/law enforcement, scanned documents, and package delivery rounded out the top five malicious email themes.
The most common keywords used in spam emails include standard words like delivery, mail and message; however words including ‘failed’, ‘invoices’, ‘images’ and ‘scanned’ also appeared on the top 10.
Globally, the overall phishing rate dropped from one in every 2596 emails in 2016 to one in 2995 in 2017.
Symantec says that as attackers evolve, there are many steps businesses can take to protect themselves. Here are some tips.