More and more businesses being hit by crypto-mining attacks

null

Businesses that are stockpiling cryptocurrencies as a quick fix against ransomware attacks are experiencing an unfortunate side-effect: they’re painting a crosshair on their foreheads.

This is according to a new report by Citrix, which says businesses that have cryptocurrencies stored as a contingency are the ones that are under increased ‘crypto-mining’ attacks.

In a poll of 750 IT decision-makers in the UK, three in ten admitted to being hit by crypto-mining attacks within the previous month.

A crypto-mining attack is when a hacker installs malware that mines cryptocurrencies in the background of the infected machine. The machine then (usually) slows down, significantly.

The report says that 59 per cent of respondents detected crypto-mining attacks on their systems at some point – 80 per cent of those have happened within the last six months. Less than four in ten (38 per cent) believe they’ve never been subject of such an attack.

Almost four in ten (38 per cent) found out about it through their network monitoring solutions, and a third (34 per cent) were alerted by employees. One in five (16 per cent) discovered it through a spike in slower device performance.

In just seven per cent of cases, anti-malware software did its job.

“The threat of a ransomware attack is still very real for large businesses," said Chris Mayers, chief security architect, Citrix. "Many organisations have therefore invested in cryptocurrencies as a means of payment to restore their data as quickly and efficiently as possible. However, in a somewhat unfortunate vicious circle, this stockpiling of potentially valuable currency has now made them a target – and businesses appear slow to react to this threat, with many yet to put formal plans in place should they fall victim to an attack.

“Centralising data storage and management should form a key part of such plans, ensuring organisations keep their customer data and critical IP far from devices and end-points with possible vulnerabilities. This gives cyber-attackers fewer opportunities to gain leverage and demand ransoms – saving businesses from costly expenses, as well as supporting with long-term compliance for regulations such as the GDPR.”

Image Credit: David McBee / Pexels