Crypto Mining Malware (Cryptojacking) Surpasses Ransomware as Top Threat per New Webroot Report
Webroot’s Mid-Year Threat Report: Cryptomining is Now the Biggest Threat in 2018, Dethrones Ransomware
Webroot, a cyber-security company, revealed its results of the Webroot Threat Report: Mid-Year Update, which analyzed the fast-changing Cybersecurity landscape. As per the trends in first half of 2018, the company determined that Cryptomining has now become the biggest threat, dethroning the earlier culprit – Ransomware.
In its findings, Webroot also discovered that cybercriminals have changed their tactics, and are now using sophisticated and targeted means to attack, which expands their money-making endeavors.
Webroot made a number of findings when it comes to Cybersecurity and its related attacks. These include:
Cryptomining is Taking Over from Ransomware
In this finding, Webroot concluded that, in the first half of 2018, malware in general, which includes both Cryptomining and ransomware, accounted for around 52% of threats. Cryptomining, which is also known as cryptojacking, attacks a victim’s computer and uses its processing power to mine digital currencies.
Cryptomining Scripts are Growing
Cryptojacking accounted for a whopping 35% of threats, with Xxgasm.com topping the list (31%), and coinhive.com following closely with 28% of the traffic.
Adoption of Windows 10 Grows
Many consumers and businesses have shifted to using Windows 10, which is presumed more secure than other operating systems. About 75% of consumers and 40% of companies have taken this move.
Ransomware Attacks Targets Unsecured RDP to Identify Valuable Victims
Unsecured RDP (Remote Desktop Protocol) are valuable targets, as cyber criminals tend to access and infect them with ransomware in order to perform their reconnaissance. Some of them even go to an extent of paying for access to these systems through the dark web.
Phishing Attempts Increase, with Dropbox Being the Main Target
From Jan to June 2018, phishing attacks increased by over 60%, with Dropbox being the most impersonated company for the attacks accounting for 17%. The attackers are usually after sensitive business and consumer data, which include cryptocurrency public and private keys, corporate intellectual property, financial accounts, and other personal information.
Companies Realizing the Benefits for Security Awareness Training Programs
Owing to the increased Cybersecurity threats in 2018, organizations are realizing that employee security awareness is a key factor to their business strategy.
Speaking about cybercriminals and how firms should take measures to protect themselves, the senior threat research Analyst at Webroot, Tyler Moffitt, said that:
“Cybercriminals display an amazing ability to adapt to maximize their profits. Businesses need to adopt the same nimble mindset toward their cybersecurity. They need to continually reassess risks, adopt a multi-layered approach, and, ultimately, educate their employees about the latest threats on an ongoing basis.”