Let’s Face It- Cryptomining Is The New Ransomware
For years, ransomware has been the most despicable aspect of the cybercriminals undertaking, with digital hoodlums truly held the data hostage until the payment was made.
Some verticals in the enterprise can breathe a sigh of relief, however, because now there is less ransomware in play, but individuals and small businesses are the newest targets as crypto mining becomes the hottest trend in cyber attacks.
A few verticals in the undertaking can sigh a relief; be that as it may, sound since there are on the grounds that presently there is less ransomware in play, however, people and independent companies are the most up to date focus as crypto mining turns into the most sultry pattern in digital attack.
Craig Williams, director of outreach for Cisco Talos, addressed the trend at Cisco Live 2018, noting that “people are backing off from ransomware. It’s a super high risk. A lot of people aren’t paying.”
Cryptomining is rising up to take the place of ransomware, and if cybercrime could be considered trendy, crypto mining is Cardi B, Drake and Taylor Swift rolled into one.
“Cryptomining is not considered as heinous [as ransomware] by the FBI. They don’t pursue it as aggressively. And let’s be honest, it’s significantly less damaging,” Williams said. “And as long as the cryptocurrency markets remain high, cryptocurrencies like Monero are very, very attractive targets for malicious software office. You can make about 25 cents a day off of infecting a home machine with a Monero miner. You multiply that times, tens of thousands or hundreds of thousands of machines, and figure you’re going to have it compromised for the majority of a year.
The allure of crypto mining, Williams said, is that it is profitable and the payout can’t be traced. Also, the attackers know what behaviors can help decrease their risk.
Cryptomining was discovered as a risk in late 2017, according to a Cisco blog. That’s when threat researchers discovered spam campaigns delivering crypto payloads using email attachments. According to the blog, “In some cases, a Word document downloads the crypto payload via a malicious macro. Attackers also continue hiding malware in email attachments. It’s safe to assume that the trend of using attachments in attacks isn’t going away.
However, for some industries, ransomware will remain a problem.
As Williams said, “Unfortunately, if you are a government or medical, you’re still going to get hit with ransomware because you keep paying. So until medical and government stop paying the ransom, they’re going to continue to be targeted. They’ve got to basically increase their defenses, become a non-attractive target and then hopefully the bad guys will eventually lose interest. But as long as people keep paying, it’s going to keep happening.”
Eventually, crypto mining will become less attractive as more criminals opt for it and the payout is reduced. “But I think in the short term, people are going to keep doing it. Especially as people just keep inventing new currencies that seem to be taking off,” Williams said.
“Monero’s relatively new, it will be around for years to come and if there happens to be a new one that also focuses on security and privacy and making transactions opaque, it will catch on as well, potentially. And if it does, that will be another few years of mining cryptocurrency,” Williams said.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.