Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Cryptojacking represented 24% of all online attacks blocked in December 2017. —Symantec, 2018
- The rise in cryptojacking attacks in 2017 directly correlates with the rise in value of bitcoin at the end of the year. —Symantec, 2018
The rise in value and popularity of Bitcoin at the end of 2017 corresponded with a massive spike in blocked cryptojacking attempts, according to cybersecurity software firm Symantec.
In their report on the cybersecurity threat landscape in 2017, Symantec found that the number of attempted cryptojackings—wherein someone attempts to hijack your computing device to mine for cryptocurrency—skyrocketed by 8,500% in the last three months of 2017.
“Cyber criminals use coinminers to steal victims’ computer processing power and cloud CPU usage to mine cryptocurrencies,” Symantec wrote in their report. “Cyber criminals started trying to make money this way primarily because there was a huge rise in the value of cryptocurrencies in the last quarter of 2017, making this type of cyber crime extremely profitable.”
SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)
Mining for cryptocurrencies requires a significant amount of processing power and ancillary costs that can be too expensive for the average person, prompting many hackers and cybercriminals to create coinminers that can hijack someone else’s computer, often without their knowledge.
These coinminers bleed your computer’s energy dry, slow down your computer and can cause the batteries in your device to break down. For large companies or corporations, the discovery of a coinminer in your system may result in massive CPU costs and require network shutdowns to remedy.
Another security firm, Check Point, said in January that it too had found a massive increase in cryptomining malware. The research found that “the tools can be hacked to dominate more power and generate more revenue, using as much as 65% of the end-users’ CPU power,” according to a report.
Kaspersky Lab’s Yaroslava Ryabova noted that “Over the past six months, cybercriminals have raked in more than $7 million through injecting cryptominers.”
Just last month, Tesla was forced to address this issue after a security firm found that their cloud environment was being used by hackers to mine cryptocurrency. The same security company, Redlock, found coinminers using the cloud at two other companies in October.
“The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities,” Redlock’s CTO and head of the CSI team, Gaurav Kumar, said in a statement to Finance Magnates.
In its report, Symantec also noted that while most coinmining apps are used to hijack computers or phones, some have started to attack IoT (Internet of Things) devices as well.
“We observed a 600 percent increase in overall attacks on IoT devices in 2017, showing that while they didn’t make headlines like they did thanks to the Mirai botnet in 2016, they are still very much a target for cyber criminals,” Symantec said in the report.
The numbers will only rise as more criminals look to use the processing power of other devices to mine for more cryptocurrency, Symantec’s director of security response Kevin Haley told The Verge.
“While a great portion of these threats are browser-based, hijacking PCs, Macs and smartphones, attackers are moving to obtain more processing power to drive greater profit,” he said.