Cryptomining is a lucrative new source of income for cyber criminals, and is rife across the Middle East and Africa.
Many cyber criminals are moving away from ransomware, which may be at least partially due to tech experts finding sophisticated solutions to prevent ransomware attacks and recover data, and turning to cryptomining – or cryptojacking – as a way to make quick money.
Cryptomining is on the rise
According to industry experts, cryptomining from consumer computers increased by a staggering 8,500% in 2017.
The US had the largest number of such attacks, closely followed by Japan and Germany, but the Middle East and Africa region is catching up – here, hacking of all types is a major risk.
Criminals mine coins using special malware that takes over the processing power of computers, servers and other devices to mine cryptocurrency. This is a high-value way of working for innovative criminals.
Coinhive is one of the most frequently used scripts. Users who visit websites that serve the script have part of their processor power redirected to mine cryptocurrency. Coinhive and similar scripts are placed on websites that attract lots of visitors or keep visitors for a long time.
Although the script is only effective while you are visiting the infected website, Coinhive can use so much processing power that the browser freezes, leaving you (at least temporarily) locked up and mining cryptocurrency for cyber criminals.
Smartphones are also at risk. If your device comes under attack from cryptominers, it could slow down and overheat, or even stop functioning.
Organisations need to protect themselves
Just like malware, there’s a real risk that cryptomining could shut down major business networks, so organisations need to be aware and make sure they’re protected against it.
In fact, the entire Gulf Cooperation Council (GCC) should be concerned about cryptomining.
In addition to providing passive support for criminal organisations, it can increase power usage and costs, while reducing productivity. Furthermore, criminal hackers seek out popular websites to infiltrate so that they can insert the Coinhive script, and may go on to infect the website and systems with more pernicious malware.
Cryptomining is a growing risk, but phishing and ransomware still are huge threats and shouldn’t be dismissed.
Discover how our range of cyber security staff awareness courses can help deliver essential training.
Improve your information security with ISO 27001
ISO 27001 describes best practice for an information security management system (ISMS). Certifying to ISO 27001 demonstrates that your organisation is following information security best practice. It covers people, processes and technology, recognising that information security isn’t about technology alone.
If you want to learn more about keeping your information secure, you should download our free ISO 27001 fact sheet. It explains:
- How ISO 27001 can improve information security;
- The benefits of achieving certification;
- What to consider when implementing the Standard; and
- How to overcome the initial barriers of implementation.