Kaspersky_Web Miners-malicious

Several studies from Kaspersky have since revealed that companies are concerned about data breaches and ransomware. However, fresh statistics from the global cybersecurity company unmasks that the biggest threat in Southeast Asian small and medium businesses (SMBs) are not those two, but miners.

Just in the first three months of 2020, Kaspersky solutions have foiled over 1 million mining attempts against devices of businesses in Southeast Asia (SEA) with 20-250 employees. This is 12% more compared with 949,592 mining incidents blocked in the same period last year.

The total number of miners detected in Q1 is also significantly more than the 834,993 phishing attempts and 269,204 ransomware detections against SMBs in the region.

“We cannot refute the fact that malicious mining is far less destructive compared with ransomware, data breaches, and the like but it remains a risk that SMBs should consider seriously. Cybercriminals behind these attacks are using your own resources, from your electricity, your data bandwidth, to your devices’ hardware which are not cheap at all,” comments Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “Our previous study even found out that two days’ straight of mining cryptocurrency using mobile mining malware can leave an infected device’s battery bloated to the point of physically deforming the phone. Think footing the bill without eating the meal, that’s how illegal miners work.”

Malicious mining, also known as cryptojacking, are attacks that can inflict both direct and indirect losses for a business. Cryptocurrency miners that infect the computers of unsuspecting users essentially operate according to the same business model as ransomware programs: the victim’s computing power is harnessed to enrich the cybercriminals.

Aside from a substantial increase in electrical consumption and usage of CPU, mining increases the wear and tear on hardware by having processing cores, including those belonging to discrete graphics cards, working overtime to mine ill-gotten cryptocurrency. The wasted bandwidth also decreases the speed and efficiency of legitimate computing workloads. Moreover, a cryptojacking malware can overwhelm a system, causing severe performance problems, which will have an immediate effect on businesses’ networks and ultimately, their customers.

Kaspersky’s data further reveals that Indonesia and Vietnam were among the countries in SEA and globally with the highest number of mining attempts against SMBs. Most of the six countries in the region, except the Philippines and Thailand, have also recorded an increase in terms of this malware’s detection in the first quarter of 2020.

Country Q1 2020 Q1 2019
Detections Ranking (globally) Detections Ranking (globally)
Indonesia 481,944 3 466,297 8
Malaysia 121,048 19 60,025 26
Philippines 7,537 40 29,646 36
Singapore 11,728 86 2,898 92
Thailand 152,802 11 155,712 13
Vietnam 289,118 5 235,014 5

Number of malicious mining attempts against SMBs blocked by Kaspersky solutions and the country’s ranking based on the share of users almost infected with this malware

Completing the five countries with most number of cryptojacking attempts are the Russian Federation, Brazil, and the Islamic Republic of Iran.

“There are obvious signs when your file is being held by ransomware, but malicious miners take a long while to notice, compounding the true cost of this malware. Cyrptocurrency is here to stay which also means cybercriminals will continue to look for devices they can use illegally for mining. One important point SMBs should consider is that there is a direct correlation between successful cryptojacking and the use of pirated software. The more freely unlicensed software is distributed, the more miners there are, so I urge companies to use legitimate software at all times,” adds Yeo.

Aside from unlicensed software, miners can also get into computers via adware installers and infected content distributed using social engineering as well as infected USBs.

To block malicious software from adware and infected content being spread through email, SMBs can use Kaspersky Security for Microsoft Office 365. This tool is an advanced, all-in-one threat protection for Microsoft Office 365’s communication and collaboration services. It curbs the spread of malicious threats including ransomware, viruses, Trojans, phishing, among others.

It is currently being given free for six months to SMBs in SEA. Interested businesses can find out more about this promo via this link.

As the human-factor plays a huge role in this type of threat, businesses can also utilize the 20-30 minutes free online course from Kaspersky. This free training tackles how companies can secure their current remote working environment. It is accessible through this link.

Kaspersky also shares the following tips to keep SMBs’ devices safe from malicious miners:

  • Update your operating system and all software regularly.
  • Distrust e-mail attachments by default. Before clicking to open an attachment or follow a link, consider carefully: Is it from someone you know and trust; is it expected; is it clean? Hover over links and attachments to see what they’re named or where they really go.
  • Don’t install software from unknown sources. It may and often does contain malicious cryptominers.
  • Use a dedicated endpoint security solution equipped with web and application control, anomaly control and exploit prevention components that monitor and block suspicious activity on the corporate network.

Leave a Reply