Cyber Security

One in three UK orgs hit by cryptojacking in previous month, survey finds

Conversely, only a little over one-third of IT executives believe that their systems have never been hijacked to surreptitiously mine digital currencies

A total of 30% of organizations in the United Kingdom fell victim to a cryptojacking attack in the previous month, a recent survey among 750 IT executives across the UK has found.

The study, commissioned by Citrix and carried out by OnePoll in May 2018, also reveals that 59% of IT decision-makers have been alerted to covert cryptocurrency mining on their systems at some point in the past, rather than in the last month alone, Internet of Business reports. Of those, 80% were affected in the last six months, which roughly coincides with a surge in popularity of cryptojacking.

Meanwhile, 38% of the respondents said that they have never experienced such an attack.

The study also found that, in most cases (60% ), up to 50 devices were hit by cryptojacking. A total of 11% percent of the respondents said that over 100 machines were affected in the most recent attack. All respondents work in organizations of at least 250 employees each.

The biggest share of the cases (38% ) were detected through network-monitoring solutions. Only one in six organizations discovered such an incident after noticing slower device performance, which helps illustrate the surreptitious character of the mining.

Cryptojacking, or the hijacking of the victim machines’ processing power to generate virtual currencies, can eat up much of the targets’ CPU resources. In so doing, it degrades system performance and ramps up energy bills for the victim. The attacks commonly involve injecting a mining script into a website or advert, or threat actors compromise a device with malicious mining code.

One prominent flare-up in covert mining occurred this February, when ne’er-do-wells added a mining script known as CoinHive into a browser plugin called Browsealoud that was then loaded by several thousand websites, including some in the public sector in the UK. If undetected, the script ran in the background unbeknown to the visitor of the affected site until the webpage was closed.

Given their computing power, enterprise servers are among especially lucrative targets for illicit cryptomining. At the same time, cryptocurrency-mining malware doesn’t shy away from cloud services, Android apps or, as documented by ESET researchers just days ago, third-party add-ons for a media player.

Articles You May Like

Solving problems is better than fearmongering
Ransomware Gangs Adopting Business-like Practices to Boost Profits
Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
OpenAI’s ChatGPT iOS app now available in Canada, India, Brazil and 30 more countries
Danni Brooke to Spotlight the Role of Women in Cyber at Infosecurity Europe 2023

Leave a Reply

Your email address will not be published. Required fields are marked *