Over the last decade, major developments have been implemented across Southeast Asian countries in terms of connectivity. Parallel to this is the rise of security threats lurking behind the virtual world. Amongst the threats overlooked, particularly by small and medium businesses (SMBs) in the region is cryptomining.
According to Kaspersky's latest report, the global cybersecurity company has detected 1,726,799 mining attempts in the first half of this year targeting SMBs in Southeast Asia (SEA). Despite a slight decrease compared with the same period in 2019, cryptomining attempts logged the highest for SMBs in the region compared to phishing with 1,602,523 detections and ransomware with 504,304 detections from January to June 2020.
Kaspersky's data also shows that four out of six Southeast Asian countries are in the top 15 globally when it comes to cryptomining attempts. Indonesia is the country with the highest number of cryptomining detections against SMBs for H1 2020, this is despite a decrease of 40% compared to the same period last year.
In the global ranking, Russia is the country with the most number of cryptomining prevented by the global cybersecurity company in the second quarter of 2020, followed by China, India, Indonesia and Vietnam.
"This threat is clearly not as popular as phishing and ransomware primarily because its presence is usually unannounced. With a pandemic situation that indirectly encourages the development of digital transformation in the SEA region, it is appropriate for business drivers to understand the potential risks of cryptomining. This threat is silent, hidden inside our devices and networks, slowly sucking our bandwidth, electricity, and damaging our hardware which are all costly at a time when SMBs need their cash flow the most," says Yeo Siang Tiong General Manager for Southeast Asia at Kaspersky.
Cryptojacking is the unauthorized use of someone else's computer to mine cryptocurrency. This is also known as malicious mining. Cybercriminals use a variety of covert means to install mining programs on other people's computers and take all the profits from cryptocurrency mining without incurring equipment or electricity costs.
A cryptomining malware can overwhelm a system, causing severe performance problems, which will have an extremely rapid effect on businesses' networks and the most important, their customers. What makes cryptojacking a threat that can be dangerous for businesses is that cryptocurrencies remain a more easily anonymized form of ransom payment. In conclusion, cybercrime like miners is very capable to do their work for years without attracting any attention, thus, being undetected for a long time.
"We understand that cybersecurity can be an afterthought for SMBs in this challenging period. However, defenses are needed to foil malicious attempts which can damage their systems, devices, and their pockets. There are simple ways to avoid cryptomining such as never using pirated software and deploying enterprise-grade protection into your servers and endpoints. For our part, we are also offering free cybersecurity training for SMBs to help them educate their employees against these threats online," adds Yeo.
In essence, some signs that may point towards devices being used for crypto-mining are:
- Substantial increase in electrical consumption and usage of CPU
- System response will slow; the device's memory, processor, and graphics adapter are bogged down completing cryptomining tasks.
- Wasted bandwidth will decrease the speed and efficiency of legitimate computing workloads
- Batteries will run down much faster than before, and devices may run quite hot.
- If the device uses a data plan, users will see data usage skyrocket.
To proactively safeguard your business against SMBs, here's what you should focus on:
- Enhancing the cybersecurity awareness of your employees is the first step, but a highly critical one for any business that takes cybersecurity seriously.
- Monitor web traffic - frequent queries to domains of popular cryptomining pools are a clear sign that someone is mining at your expense.
- Keep track of your server load. If the daily load changes suddenly, that may be a symptom of a malicious miner. Carrying out regular security audits of your corporate network may also be helpful.
- Ensure that all your software are up to date as soon as they are available so that you are well prepared for the latest cyberthreats.
- Implement the right cybersecurity solution for every aspect of your business operations, both hardware and software related. Use a dedicated endpoint security solution equipped with web and application control, anomaly control and exploit prevention components that monitor and block suspicious activity on the corporate network.