Exclusive insights: Protecting your business from malware
MALWARE is everywhere, and in a world where devices are constantly online, users need to be aware of the risk they face.
If infected devices are used to access secure business networks, the ramifications are significant. The risk is even greater for organizations that allow users to access their network remotely, via phones or personal laptops.
Recently, malware has become even more lucrative – and hence popular among hackers – on the internet. A variant of malware known as crypto-jackers (or coin miners), infect users devices and hijack its processing power to mine cryptocurrencies.
According to McAfee, coin miner malware grew a stunning 629 percent to more than 2.9 million known samples in Q1 2018 from almost 400,000 samples in Q4 2017.
McAfee’s analysts believe that cybercriminals are warming up to the prospect of monetizing infections of user systems without prompting victims to make payments, as is the case with popular ransomware schemes.
Compared with well-established cybercrime activities such as data theft and ransomware, cryptojacking is simpler, more straightforward, and less risky. All criminals must do is infect millions of systems and start monetizing the attack by mining for cryptocurrencies on victims’ systems.
There are no middlemen, there are no fraud schemes, and there are no victims who need to be prompted to pay and who, potentially, may back up their systems in advance and refuse to pay.
In an exclusive interview with Sumit Bansal, Senior Director for ASEAN and Korea, Sophos, Tech Wire Asia learned about some of the business risks associated with users accessing business machines with devices with coin-miners and how it can impact businesses.
Cryptojacking might sound relatively harmless at first – it doesn’t need to read any personal data, or even to access to the file system. However, the downsides are still very significant:
- Unbudgeted operating expenses from powering computers to work for someone else
- Losing opportunity costs as legitimate work gets slowed down from the crypto mining activities
- Security risks from who-knows-what untrusted programs and network connections
- Reputational and regulatory costs of reporting, investigating and explaining the crypto mining activity
- Ethical concerns of allowing employees to mine using your resources
Businesses need to form an opinion on their crypto mining policy. While the view on cryptojacking is simple – it should never be allowed – the view on legitimate mining varies from business to business.
Some companies will allow legitimate mining on company resources. Others will not.
Again, there is an ethical component of allowing employees to use company resources, including the hardware, electricity, and ongoing running costs to perform legitimate crypto mining.
The risks of cryptojacking to businesses are not in dollars and cents. Businesses lose out from unbudgeted operating expenses from increasing computer usage.
Cryptojacking also opens up security risks from untrusted programs and network connections. Legitimate and malicious mining are the same in almost every sense except who gets paid and whether the person who owns the device performing the mining willingly chooses to participate.
It’s easy to understand the concept of the cybercriminal wanting you to do the hard work and they take all the proceeds.
“That’s why cryptojacking has exploded with the growth in the value of cryptocurrencies in the market. Cybercriminals see an opportunity to make “free money” off the back of your hard work,” said Bansal.
And how do they achieve this? They manage to get crypto mining code onto your device, and without your permission and knowledge, immediately set your device working as a part of their malicious pool.
They want their pool to be as large as possible to increase the chance of them successfully mining cryptocurrency. The more they mine, the more they make.
So, they set to work in an attempt to infect as many devices as possible and enslave them into the cryptojacking trade.