A quarter of UK businesses have been cryptojacked, reveals new research

ALondon – Cryptojacking has already affected large numbers of UK businesses, according to new research from CybSafe, the cyber security awareness and data analytics company. In CybSafe’s survey of 250 IT decision-makers at UK small and medium-sized enterprises (SMEs), 25% of respondents reported that one or more computers on their system had been cryptojacked in the last 12 months.

 

Cryptojacking is a process by which hackers hijack a computer’s processing power to mine for cryptocurrencies. As a result of high processor usage, computers infected with cryptojacking malware tend to run slowly and may overheat. One of the more popular ways is to send phishing emails with malicious links or attachments that install crypto-mining code. Another method, ‘web browser miner’, involves hackers injecting websites with malicious script.

 

“Cryptojacking is still a relatively new threat in the cyber security picture, and it’s caught UK businesses largely unawares,” says CybSafe CEO, Oz Alashe. “Although there are signs now that the cryptojacking threat has somewhat declined over the last few months, businesses shouldn’t be fooled. Coinhive may have been shut down, but organisations shouldn’t assume that the threat has therefore vanished. As long as there is cryptocurrency for the taking, criminals will be looking to steal it.”

 

“Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact”
James Scott, Sr. Fellow, Institute for Critical Infrastructure Technology

 

CybSafe’s research also found that just over half (54%) of UK businesses had year-round cyber security training and awareness programmes in place. Around a quarter (24%) admitted that they hadn’t implemented even the most basic cyber security measures, such as anti-virus software. 39% didn’t have HR guidance requiring staff to report cyber security incidents, and 43% didn’t have a cyber security incident management process in place.

 

“Businesses often fail to implement the effective cyber security training and or awareness, behaviour and culture initiatives which limit many of the natural attack vectors that lead to cryptojacking. Even the most basic measures, such as antivirus solutions, aren’t implemented universally. UK businesses are leaving themselves open to all kinds of attacks – not just cryptojacking.”

 

Please leave your questions and comments below:

 


KEEP UPDATED – SUBSCRIBE TO BITMEDIA YOUTUBE HERE