Cryptojacking is a relatively new technique which enables cyber-criminals to illegally “mine” cryptocurrencies on both vulnerable web servers and unsuspecting users’ devices. Cryptocurrency mining is the process by which cryptocurrency “coins” are created. In simple terms, miners use computational resources to perform calculations, which involve iterating through billions of random inputs, until a desired output is achieved. Of course, it’s a lot more complicated than that, but an explanation about cryptocurrency mining is beyond the scope of this article. Since mining uses a lot of processing power, cyber-criminals have found a way to get their victims to mine the coins on their behalf, often without them knowing. They are able to do this by infecting a vulnerable server with a type of malware that runs the mining program. Each time a user visits an infected website, the program is installed on their device, where it runs in the background mining the coins.
Cryptojacking is becoming an increasingly popular attack vector. According to a recent report by Kaspersky Lab, “ransomware is rapidly vanishing, and that cryptocurrency mining is starting to take its place”. There are a number of reasons why this trend is likely to continue.
Cryptojacking Offers Better and More Reliable Rewards
As organisations continue to prepare themselves for ransomware attacks by educating staff, keeping reliable backups, scanning mail-servers, patching software, segmenting networks and adopting threshold alerting solutions to minimize the spread of infection, the likelihood of corporations paying the ransom is becoming increasingly less. Not only that, but companies have been discouraged from paying the ransom as “less than half of paying ransomware targets get their files back”. Additionally, unlike Cryptojacking, ransomware has no mechanism by which to repeatedly extort its victims.
Ransomware Takes Time and Effort to Develop and Deploy
A lot of ransomware attacks are targeted, which involves research, planning and patience, and the malware itself takes time to develop and deploy. Cryptojacking, on the other hand, is far less complicated, and takes less time to initiate.
Cryptojacking is Harder to Detect
Since crypto-mining uses a lot of processing power, measures must be taken to ensure that the mining software that is installed on the users’ device doesn’t create too much disruption, otherwise they will become suspicious and launch an investigation. More often than not, users are not aware that the mining software is running in the background, which enables the attacker to persistently reap the rewards. Ransomware, due to it’s very nature, cannot go unnoticed.
What Poses the Greatest Threat; Cryptojacking or Ransomware?
Ransomware is undoubtedly problematic. Even if you have reliable backups, it will still take time (and money) to restore and test those backups. Now let’s assume that your company’s server has been infected with a crypto-mining program. Not only will the performance of the sever be affected, but also any client devices connected to the server. This would obviously lead to a reduction in productivity. For organisations running a mission critical service, such as a healthcare service, any disruptions could have serious repercussions. The good news however, is that crypto-mining software is relatively easy to detect and remove from your system, which ultimately makes it less threatening than ransomware.
How to Protect Your Businesses from Cryptojacking
There are a number of simple things you can do to protect your business from Cryptojacking, including changing the culture of the organization so that your employees are constantly on the lookout for the signs of a cyber-attack, such as suspicious performance issues. You also ensure that all software is up-to-date and look into installing anti-cryptomining browser extensions onto your devices. You could also consider using a network health monitoring tool that will help you identify abnormal GPU/CPU usage.