Symantec’s “Internet Security Threat Report” Highlights Crypto’s Increased Use in Cyber Crime
Internet security firm Symantec has published their 23rd Internet Security Threat Report. The document identifies an increase in the incidents of cyber crime that involve cryptocurrency in some way. The most prominent examples are cryptojacking and ransomware attacks.
More Cyber Criminals Using Cryptocurrency
The report largely focuses on the following areas: cryptojacking, ransomware, targeted attacks, mobile attacks, and attacks leveraging the software supply chain.
Symantec claims that the cryptojacking was the largest trending attack of 2017. They worked out that there had been an 8,500% increase in the number of examples detected on computers.
Cryptojacking is the use of a computer system to mine cryptocurrency without the owner of the machine knowing. Privacy-focused cryptos are often favoured. Monero (XMR), for example, is a popular coin to secretly mine. Firstly, because provides a large level of anonymity for the criminal. Secondly, because regular CPUs can mine the coin effectively. This is in contrast to digital currencies like Bitcoin that require specialised equipment to generate new coins.
Symantec speculates that cyber criminals were drawn to cryptojacking in 2017 because of the surge in the price of practically all existing cryptocurrencies. Monero, for example, started the year at around $13 per coin. By the end of 2017, a single XMR coin cost around $350.
In addition to the immense profitability of cryptojacking, Symantec highlights how easy it can be to turn an unknowing computer user’s machine into a cryptocurrency miner. They state that it often requires no more than a few lines of code running on a device.
Since cryptojacking involves a large amount of processing power, it can often slow users’ machines down. Symantec also states that overworking a CPU in such a way can cause “batteries to overheat and devices [can] become unusable.” In addition, the security experts claim that cryptojacking could cause even greater problems for organisations that are being billed based on CPU usage.
The Internet Security Threat Report went on to mention ransomware as another of the major online threats of 2017. Ransomware attacks involve hackers encrypting the contents of a computer system. They then demand paying (usually in cryptocurrency) to unlock the machine.
The cybersecurity experts highlighted the WannaCry attack of last year as one of the largest examples of such cybercrime. They state that demands made by groups committing such attacks had actually fallen this year since the attacks of 2016 frequently overpriced themselves. A blog post about the report stated:
“In 2017 cyber criminals seemed to find the sweet spot that victims are willing to pay. The average ransom demand in 2017 was $522, less than half of the average of 2016.”
Being an emerging currency for the internet, it should come as no surprise that criminals are favouring cryptos for their attacks. Already in 2018, there have been examples of ransomware attacks against government departments in Atlanta. For now, there is nothing to suggest that such attacks will diminish during 2018.