Connect with us

Hi, what are you looking for?

HEADLINES

Kaspersky puts spotlight on cyberthreat that is often overlooked

Just in the first three months of 2020, Kaspersky solutions have foiled over 1 million mining attempts against devices of businesses in Southeast Asia (SEA) with 20-250 employees. This is 12% more compared with 949,592 mining incidents blocked in the same period last year.

Several studies from Kaspersky have since revealed that companies are concerned about data breaches and ransomware. However, fresh statistics from the global cybersecurity company unmasks that the biggest threat in Southeast Asian small and medium businesses (SMBs) are not those two, but miners.

Just in the first three months of 2020, Kaspersky solutions have foiled over 1 million mining attempts against devices of businesses in Southeast Asia (SEA) with 20-250 employees. This is 12% more compared with 949,592 mining incidents blocked in the same period last year.

The total number of miners detected in Q1 is also significantly more than the 834,993 phishing attempts and 269,204 ransomware detections against SMBs in the region.

“We cannot refute the fact that malicious mining is far less destructive compared with ransomware, data breaches, and the like but it remains a risk that SMBs should consider seriously. Cybercriminals behind these attacks are using your own resources, from your electricity, your data bandwidth, to your devices’ hardware which are not cheap at all,” comments Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “Our previous study even found out that two days’ straight of mining cryptocurrency using mobile mining malware can leave an infected device’s battery bloated to the point of physically deforming the phone. Think footing the bill without eating the meal, that’s how illegal miners work.”

Advertisement. Scroll to continue reading.

Malicious mining, also known as cryptojacking, are attacks that can inflict both direct and indirect losses for a business. Cryptocurrency miners that infect the computers of unsuspecting users essentially operate according to the same business model as ransomware programs: the victim’s computing power is harnessed to enrich the cybercriminals.

Aside from a substantial increase in electrical consumption and usage of CPU, mining increases the wear and tear on hardware by having processing cores, including those belonging to discrete graphics cards, working overtime to mine ill-gotten cryptocurrency. The wasted bandwidth also decreases the speed and efficiency of legitimate computing workloads. Moreover, a cryptojacking malware can overwhelm a system, causing severe performance problems, which will have an immediate effect on businesses’ networks and ultimately, their customers.

Kaspersky’s data further reveals that Indonesia and Vietnam were among the countries in SEA and globally with the highest number of mining attempts against SMBs. Most of the six countries in the region, except the Philippines and Thailand, have also recorded an increase in terms of this malware’s detection in the first quarter of 2020.

Completing the five countries with most number of cryptojacking attempts are the Russian Federation, Brazil, and the Islamic Republic of Iran.

“There are obvious signs when your file is being held by ransomware, but malicious miners take a long while to notice, compounding the true cost of this malware. Cryptocurrency is here to stay which also means cybercriminals will continue to look for devices they can use illegally for mining. One important point SMBs should consider is that there is a direct correlation between successful cryptojacking and the use of pirated software. The more freely unlicensed software is distributed, the more miners there are, so I urge companies to use legitimate software at all times,” adds Yeo.

Advertisement. Scroll to continue reading.

Aside from unlicensed software, miners can also get into computers via adware installers and infected content distributed using social engineering as well as infected USBs.

To block malicious software from adware and infected content being spread through email, SMBs can use Kaspersky Security for Microsoft Office 365. This tool is an advanced, all-in-one threat protection for Microsoft Office 365’s communication and collaboration services. It curbs the spread of malicious threats including ransomware, viruses, Trojans, phishing, among others.

It is currently being given free for six months to SMBs in SEA.

As the human-factor plays a huge role in this type of threat, businesses can also utilize the 20-30 minutes free online course from Kaspersky. This free training tackles how companies can secure their current remote working environment.

Kaspersky also shares the following tips to keep SMBs’ devices safe from malicious miners:

Advertisement. Scroll to continue reading.
  • Update your operating system and all software regularly.
  • Distrust e-mail attachments by default. Before clicking to open an attachment or follow a link, consider carefully: Is it from someone you know and trust; is it expected; is it clean? Hover over links and attachments to see what they’re named or where they really go.
  • Don’t install software from unknown sources. It may and often does contain malicious cryptominers.
  • Use a dedicated endpoint security solution equipped with web and application control, anomaly control and exploit prevention components that monitor and block suspicious activity on the corporate network.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Kaspersky has enhanced its Kaspersky Industrial CyberSecurity (KICS), a native XDR Platform for industrial enterprises, and streamlined Managed Detection and Response (MDR) for Industrial...

White Papers

One in three industrial companies encounter regular network problems, with 45% of businesses experiencing them a few times a month, while only 12% of...

HEADLINES

Smart has received reports about unscrupulous individuals pretending to be company executives or representatives of organizations asking for donations for made-up or nonexistent relief...

HEADLINES

Located in the Kaspersky office, the new facility will provide the company’s stakeholders with services ranging from an overview of Kaspersky’s practices, to a...

HEADLINES

Smart and Maya emphasize that they never send SMS with links requesting login credentials, personal information, or account verification. If you receive such a...

HEADLINES

In this new scheme, scammers call potential victims claiming that their phone number has been linked to illegal activities. The fraudsters would then extort...

White Papers

With an increase of 9% the industry is one of only three sectors with an increasing attack rate beside healthcare (+7%) and financial services...

HEADLINES

In August alone, PLDT and Smart’s Cyber Security Operations Group (CSOG) blocked access to more than 400,000 URLs that host child sexual abuse and...

Advertisement