SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
SMBs in SEA region threatened by vastly increasing rates of cryptomining
Tue, 22nd Sep 2020

Cryptomining is an increasing threat to small and medium businesses (SMBs) in the Southeast Asian (SEA) region, according to new data from Kaspersky.

Kaspersky states it has prevented more than 1.7 million mining malware threats from overwhelming hardware systems from January to June 2020.

In the last decade, major developments have been implemented across SEA countries in terms of connectivity, which has also led to a rise of security threats - namely cryptomining, Kaspersky states.

According to Kaspersky's latest report, the global cybersecurity company has detected 1,726,799 mining attempts in the first half of this year targeting SMBs in SEA.

Despite a slight decrease compared with the same period in 2019, cryptomining attempts were the most frequently detected threat against SMBs in the region, ahead of phishing with 1,602,523 detections and ransomware with 504,304 detections from January to June 2020.

Kaspersky's data also shows that four out of six Southeast Asian countries are in the top 15 globally when it comes to cryptomining attempts.

Indonesia is the country with the highest number of cryptomining detections against SMBs for H1 2020, despite a decrease of 40% compared to the same period last year, Kaspersky states.

In the global ranking, Russia is the country with the largest number of cryptomining attempts prevented by the global cybersecurity company in the second quarter of 2020, followed by China, India, Indonesia and Vietnam.

Kaspersky general manager for SEA, Yeo Siang Tiong, says, “This threat is clearly not as popular as phishing and ransomware primarily because its presence is usually unannounced.

“With a pandemic situation that indirectly encourages the development of digital transformation in the SEA region, it is appropriate for business drivers to understand the potential risks of cryptomining.

“This threat is silent, hidden inside our devices and networks, slowly sucking our bandwidth, electricity, and damaging our hardware, which are all costly at a time when SMBs need their cash flow the most.”

Kaspersky states that cyberminers are able to do their work for years without attracting any attention and remain undetected for a long time.

Cryptojacking is the unauthorised use of someone else's computer to mine cryptocurrency. This is also known as malicious mining.

Cybercriminals use different covert means to install mining programs on other people's computers and take all the profits from cryptocurrency mining without incurring equipment or electricity costs.

Cryptomining malware can overwhelm a system, causing severe performance problems, which will have a rapid effect on businesses' networks and their customers.

This particular form of cryptomining can be dangerous for businesses due to the fact that cryptocurrencies remain a more easily anonymised form of ransom payment.

Yeo says, “We understand that cybersecurity can be an afterthought for SMBs in this challenging period. However, defenses are needed to foil malicious attempts which can damage their systems, devices, and their pockets.

“There are simple ways to avoid cryptomining such as never using pirated software and deploying enterprise-grade protection into your servers and endpoints. For our part, we are also offering free cybersecurity training for SMBs to help them educate their employees against these threats online.”

As stated by Kaspersky, some signs that may point towards devices being used for cryptomining are: a substantial increase in electrical consumption; CPU and system responses slowing down; wasted bandwidth that decreases the speed and efficiency of legitimate computing workloads; batteries running down much faster than before; devices running hot; and, if the device uses a data plan, the data usage increasing.

To proactively safeguard a business, decision makers should enhance the cybersecurity awareness of employees, monitor web traffic for frequent queries to domains of popular cryptomining pools, keep track of server loads, and carry out regular security audits of the corporate network.
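One way to implement the monitoring for frequent queries to mining-pool domains recommended above, as an added example that is not from Kaspersky or the original article: it flags clients that repeatedly query listed pool domains within a time window. The log format, the suffix list and the thresholds are assumptions, and the domains and log lines are constructed placeholders.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Placeholder suffixes (constructed); replace with a maintained mining-pool list.
POOL_SUFFIXES = {"pool.example", "xmr-pool.test"}

def is_pool_domain(qname, suffixes=POOL_SUFFIXES):
    """True if qname equals a listed suffix or is a subdomain of one."""
    name = qname.rstrip(".").lower()
    labels = name.split(".")
    # Compare on label boundaries so "notpool.example" does not match "pool.example".
    return any(".".join(labels[i:]) in suffixes for i in range(len(labels)))

def parse_line(line):
    """Parse '<ISO timestamp> <client ip> <queried name>' (assumed format); None if malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2]
    except ValueError:
        return None

def frequent_pool_clients(lines, threshold=3, window=timedelta(minutes=10)):
    """Return {client: peak count} for clients with >= threshold pool queries inside one window."""
    recent, flagged = defaultdict(deque), {}  # recent: client -> pool-query timestamps in window
    for ts, client, qname in sorted(filter(None, map(parse_line, lines))):
        if not is_pool_domain(qname):
            continue
        q = recent[client]
        q.append(ts)
        while ts - q[0] > window:  # drop queries that fell out of the sliding window
            q.popleft()
        if len(q) >= threshold:
            flagged[client] = max(flagged.get(client, 0), len(q))
    return flagged

# Constructed sample DNS query log, not real traffic.
SAMPLE_LOG = """\
2020-09-22T09:00:05 10.0.0.21 eu.pool.example.
2020-09-22T09:02:00 10.0.0.34 www.notpool.example
2020-09-22T09:03:15 10.0.0.21 EU.Pool.Example
2020-09-22T09:04:40 10.0.0.21 stratum.xmr-pool.test
2020-09-22T09:05:00 10.0.0.34 xmr-pool.test
2020-09-22T11:30:00 10.0.0.34 xmr-pool.test
malformed line without fields
""".splitlines()

if __name__ == "__main__":
    print(frequent_pool_clients(SAMPLE_LOG))
```

A single lookup of a listed domain is not flagged; only repeated queries inside the window are, which matches the "frequent queries" wording and reduces noise from one-off resolutions.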

It is also a good idea to ensure all software is up to date and the business is implementing the right cybersecurity solution for every aspect of the business operations, both hardware and software related.

Finally, Kaspersky recommends that SMBs use a dedicated endpoint security solution equipped with web and application control, anomaly control and exploit prevention components that monitor and block suspicious activity on the corporate network.