Story image

Australia ranks 8th as a global target for cryptomining attacks

26 Mar 2018

2018 is shaping up to be ‘the year of cryptomining’ as cybercriminals add the highly-profitable revenue stream to their arsenals, particularly as the ransomware market becomes too overpriced – and overcrowded.

Cryptominers, which enslave devices’ memory, CPU and power usage, can cause unwelcome side effects for some users. In some cases, miners can overhead batteries and render devices unusable. Enterprises can also experience network shutdowns and inflated cloud CPU usage, resulting in cost increases.

“Cryptomining is a rising threat to cyber and personal security,” comments Symantec’s chief technology officer – Pacific region, Nick Savvides.

“The massive profit incentive puts people, devices and organisations at risk of unauthorised coin miners siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”

The report says cryptomining is not illegal and some may see it as a better alternative to viewing ads or paying for content. Globally, cryptomining detections increased 8500% in 2017.

“The problems arise when people aren’t aware their computers are being used to mine cryptocurrency, or if cyber criminals surreptitiously install miners on victims’ computers or Internet of Things (IoT) devices without their knowledge,” it says.

“Now you could be fighting for resources on your phone, computer or IoT device as attacks use them for profit. People need to expand their defenses or they will pay for the price for someone else using their device,” Savvides adds.

Australia ranks second in Asia-Pacific Japan and eighth globally as a target for cryptomining, accounting for 2.8% of the global percentage.

Overall, attacks on Australia accounted for 1.06% of all global threat detections. It also ranked high as a target for threats including ransomware, phishing hosts, and web attacks.

The report also analysed the state of email malware. Spam email increased by 1.2% in 2017, accounting for 54.6% of all email detections. In Australia, 53.4% of emails were detected as spam.

The report found that bills, email delivery failures, legal/law enforcement, scanned documents, and package delivery rounded out the top five malicious email themes.

The most common keywords used in spam emails include standard words like delivery, mail and message; however words including ‘failed’, ‘invoices’, ‘images’ and ‘scanned’ also appeared on the top 10.

Globally, the overall phishing rate dropped from one in every 2596 emails in 2016 to one in 2995 in 2017.

Symantec says that as attackers evolve, there are many steps businesses can take to protect themselves. Here are some tips.

For businesses:

  • Don’t get caught flat-footed: Use advanced threat intelligence solutions to help you find indicators of compromise and respond faster to incidents.
  • Prepare for the worst: Incident management ensures your security framework is optimised, measurable and repeatable, and that lessons learned improve your security posture. Consider adding a retainer with a third-party expert to help manage crises.
  • Implement a multi-layered defense: Implement a multilayered defense strategy that addresses attack vectors at the gateway, mail server and endpoint. This also should include two-factor authentication, intrusion detection or protection systems (IPS), website vulnerability malware protection, and web security gateway solutions throughout the network.
  • Provide ongoing training about malicious email: Educate employees on the dangers posed by spear-phishing emails and other malicious email attacks, including where to internally report such attempts.
  • Monitor your resources: Make sure to monitor your resources and networks for abnormal and suspicious behavior and correlate it with threat intelligence from experts.

For consumers:

  • Change the default passwords on your devices and services: Use strong and unique passwords for computers, IoT devices and Wi-Fi networks. Don’t use common or easily guessable passwords such as “123456” or “password”.
  • Keep your operating system and software up to date: Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.
  • Be extra careful on email: Email is one of the top infection methods. Delete any suspicious-looking email you receive, especially if they contain links and/or attachments. Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content.
  • Back up your files: Backing up your data is the single most effective way of combating a ransomware infection. Attackers can have leverage over their victims by encrypting their files and leaving them inaccessible. If you have backup copies, you can restore your files once the infection has been cleaned up.
Story image
21 Aug
Lenovo hits $12.5B in revenue, marking eighth year of growth
According to the company, the strong results are led by the Intelligent Devices Group (IDG). The PC and Smart Devices Group (PCSD), one of its two business units, continued double-digit (12%) revenue growth.More
Story image
16 Aug
Brands failing to engage customers of today, study shows
Australian consumers are turning away from company websites in preference to search engine recommendations, are seeking seamless payment experiences and are choosing brands that create engaging content, a new report shows.More
Story image
20 Aug
HCL - the Global IT company with a growing A/NZ presence
We look at the local role of the massive corporation in ANZ IT departments.More
Download image
CIOs – here’s how you get your IT environment digital-ready
It’s no simple task to optimise performance for an array of internal and external applications, particularly when there’s a mixture of cloud and legacy workloads that intersect.More
Story image
23 Aug
Sophos report sheds light on Aussie cybersecurity landscape
“Security is hard. We all know it. Sophos survey highlights the constant challenge presented by the evolving security landscape and never ending search for skills and best practices to help organisations overcome these threats.”More
Story image
20 Aug
ADTRAN unveils new series of gigabit switches
ADTRAN has announced a new range of gigabit ethernet switches that are able to easily support an increasing number of internet-connected devices, WiFi access points, and the ability to simplify LAN management.More