Category

Cryptojacking overtakes ransomware as top IT threat

April 22, 2019

Ransomware, which dominated IT security headlines for the past few years, has finally been eclipsed as the most prevalent threat. According to the latest Webroot Threat Report, unauthorized crypto mining, or “cryptojacking,” is the number one IT security threat today—beating out ransomware to take the top spot. 

Here’s how it works. Cyber criminals distribute malicious links via phishing emails, not unlike in a ransomware attack. But, when a victim clicks the link, the crypto mining code is loaded onto their computer without any indication. Once installed, it uses the system’s CPU in tandem with hundreds or even thousands of other infected computers to mine cryptocurrency. It works in the background, slowing your computer down and increasing power consumption.

Individuals may not even notice the decrease in performance or the power spike. However, if many computers across an organization are infected, its electric bills can skyrocket. A recent study in the energy research journal Joule found that that the energy used for crypto mining doubles every six months, and that crypto mining will account for an estimated 3% of the world’s electricity consumption by 2020.

And though it is in decline, the threat of ransomware is far from gone. In fact, hackers using ransomware have become even more sophisticated, carefully tailoring attacks to increase their likelihood of success. In the past, ransomware attacks were conducted on a very broad scale, using automated tools. While this required little effort on the part of the criminal, attacks were also relatively easy to detect, whether by antivirus software or just common sense. With targeted attacks, attackers can react to defense measures and employ different strategies until they are successful. 

Developing a ransomware protection strategy starts with antivirus protection. Make sure to deploy modern antivirus software, and keep it updated. Be certain to keep your operating system(s) and applications patched and up-to-date, as well. Ransomware is constantly being modified and updated to evade security measures and exploit OS and application vulnerabilities. So, keeping everything up should be considered essential.

Employee training is also essential. Be sure employees can identify phishing emails and know what to do if they receive one­—whether they open it or not. As noted above, cyber criminals are becoming more sophisticated. However, a little education can go a long way in preventing a ransomware infection.

Finally, make sure you have an offsite backup of your data. This allows you to restore everything without the need to pay a ransom. If you do suffer a ransomware attack, backup is your last line of defense against data loss.