According to the “2023 SonicWall Cyber Threat Report”, 139.3 million cryptojacking attempts were recorded in 2022 compared to 97.1 million in 2021, a 43% year-over-year increase. The observed attack volumes exceeded the 100-million mark for the first time. The report stated that cryptojacking volume increased in North America, Asia, and Europe. However, the Latin America region recorded a 66% drop year-over-year.
Despite skyrocketing attack volumes in Europe, the United States (U.S.) remained the country with the highest volume with cryptojacking attempts rising 41% year over year. Retail had the highest total cryptojacking attack volumes by industry, followed by Education, Finance, Healthcare, and Government.
In cryptojacking, attackers gain access to the victim’s computer or mobile device’s computing power and use them for cryptocurrency mining without the knowledge and authorization of the victim.
Cryptojacking attacks have occurred across various industries. Launched in 2017, Coinhive allowed website owners to embed JavaScript code onto their websites, thereby using the website visitor’s computer to mine the cryptocurrency, Monero.
In another cryptojacking incident, researchers at the cloud monitoring and defence firm RedLock reported that Tesla’s cloud system had been cryptojacked in February 2018 after hackers exploited a password vulnerability to mine cryptocurrency. Tesla said that the data exposure was minimal and quickly addressed the vulnerability.
In 2018, a cryptojacking code was discovered on the Los Angeles Times Homicide Report page. The code used minimal computing power such that users could not easily detect when their devices were used to mine the Monero cryptocurrency.
In 2018, a European water utility control system was cryptojacked and used to generate the Monero cryptocurrency.
As per the 2022 SonicWall’s Threat Mindset survey, 66% of organizations were more concerned about cyberattacks in 2022 than in previous years. 29% of organizations reported that they have roughly the same amount of concern about attacks as they did in 2021, with only 5% reporting as being less concerned.
Respondents ranked Ransomware (91%) as the top cyber attack concern. Other concerns by the respondents were; Phishing and spear-phishing (76%), Encrypted malware (66%), File-less attacks (39%), Memory-based malware (24%), Cryptojacking (23%), IoT malware (22%), and Side-channel attacks (18%).
Sonicwall recommends the following to detect and prevent cryptojacking in your organization: Keeping computers and web browsers up to date, using reputable anti-malware software, regularly updating antivirus and security software on all devices, and educating users to be cautious when opening emails and attachments.
Further recommendations from SonicWall to detect cryptojacking include preventing unauthorized downloads, using ad blockers, using zero-day protection, Implementing strong authentication, protecting cloud resources, and using anti-bot protection to help prevent malware from spreading to a computer or network.
Source: Read Full Article