Almost 9M cryptominers prevented in SEA SMBs in 2020, more than phishing, ransomware combined
In Southeast Asia, cryptomining is the highest in terms of attempted attacks blocked by Kaspersky at 8,926,117 in 2020. Detected phishing attempts were at 2,890,825 while ransomware attempts were at 804,513 last year.
Malicious cryptocurrency malware used in cryptomining is being used by cybercriminals to use hardware they don’t own such as smartphones, computers, tablets, and servers. They then harness the processing power of these devices to mine for cryptocurrencies such as Bitcoin, the prices of which have been skyrocketing.
So if you’re a business owner and your staff are working remotely because of the pandemic yet you find your office power bill unusually high, check your IT backend. There may be cryptominers using your business resources, at your expense.
In Kaspersky's recent 2020 SMB Threat Report, cryptomining attempts were monitored to have been reduced to 8,926,117 in 2020 from a massive 13, 247,796 detections in 2019.
“We have seen a decrease in miner attacks around the world and the same trend applies to SEA, too. The main factor behind the decreasing number of attacks is the cost of cryptocurrencies which has been declining over the past three years and only recently began to rise sharply in price again,” says Evgeny Lopatin, Malware Analyst Team Lead at Kaspersky.
Kaspersky is advising business owners not to keep their guards down.
“SMBs normally have a relaxed attitude towards information security and so the main damage from cryptomining is expected to be felt by this sector. Cryptocurrencies continue to attract investor and user attention due to the continued spike in its prices so we really caution SMBs not to underestimate the possibility that cryptomining will remain to be a serious cyberthreat. After all, cybercriminals have long realized that infecting servers is more profitable than mining on home users’ computers so SMBs should take this silent threat seriously,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
In the region, most of the monitored cryptomining attempts prevented by Kaspersky were observed in Indonesia and Vietnam for two consecutive years, accounting for almost 71% in 2020 and 80% in 2019 of all attempted incidents in SEA.
Unlike ransomware attacks which tend to be more frightening and require to be dealt with quickly, cryptominers flourish the longer they are hidden and use this stealth in the long-term to profit from the exploit.
Some tell-tale signs that personal devices are being used illegally by cryptominers include system response slowing down due to the workload strain, increase in power consumption that result in batteries depleting at a faster pace or electricity bills skyrocketing, and a more significant data usage.
If businesses suspect their systems being accessed by cryptominers, Kaspersky has a few tips to ensure the safety of their assets and devices:
- Keep operating systems and software fresh and regularly updated.
- Avoid clicking email links and attachments from unverified and untrusted sources.
- Practice caution when installing software from the web since cryptominers are known to embed malware in them.
- Take advantage of a strong security solution that businesses with limited cybersecurity expertise and resources could use like Kaspersky Endpoint Detection and Response Optimum (KEDRO). KEDRO is actually an efficient way for SMEs to reduce costs while saving on protection as it complements protection for endpoints such as mobile phones, tablets, and laptops connected to the company network.
- Carry out regular security audits of your corporate network. And you should not forget about less-obvious targets, such as queue-management systems, POS terminals, and vending machines. Once infected, an army of those devices can bring much profit to criminals.