Cryptojacking is still "a bit of a black box" for 71% of CISO

According to the recent Cyber ​​Threatscape report by iDefense of Accenture Security, cybercriminals have increased their use of cryptocurrency malware and this trend is expected to continue in 2019 with a shift towards the altcoins of malware mining, in particular, Monero.

But the most disturbing conclusion is that 71% of respondents, chiefly Chief Information Security Officers (CISO), are still claiming that cyberattacks are "a bit of a black box" for them and are still " not "enough to know how or when they will influence" their organization.

This discovery seems a little terrifying if you investigate the big picture.At the beginning of July 2018 Skybox ™ Security leader worldwide in the management of information security, published a report stating that in the first half of 2018 encryption had accounted for 32% of all cyberattacks, surpassing the previous preferred, ransomware (type of malware that restricts users to obtain your system or personal files and asks for the payment of the ransom to retrieve access) which currently represents only 8%.

And the threat is coming true, from the infrastructure to Tesla's Amazon Web Services cloud that was executing malware in a well-hidden campaign in February until the recent arrest of 20 cryptojackers from China. The group managed to extract 15 million yuan ($ 2.2 million) of cryptos in two years of orderly operations.

And even this week alone was very fruitful for speculation on cases of malicious mining: it was finally calculated that 6000 people were probably affected due to the download of games "Abstractism" from the platform Steam and over 200,000 people, largely in Latin America (and cryptojacking researcher Troy Mursch still count here ) were attacked as a result of the Coinhive campaign of cryptojacking targeting [19659002] MikroTik Router. And as mentioned in McAfee®, the cybersecurity company's blog, the attack "has the potential to start spreading all over the world, since there are 1.7 million of MikroTik routers everywhere . "

Can anyone be safe in the situation where even 71% of IT security executives are perplexed?

BlueCat's Ben Ball, Enterprise DNS Company believes that "all cryptographic attempts have one thing in common: they have to communicate." So, in his opinion, DNS could be the most reliable way to detect and eliminate corporate cryptojacking. "

Gary Davis is Chief Consumer Security Evangelist of McAfee® recommends checking online communications. "When vulnerabilities are made aware, manufacturers inform the public and make aware of the upcoming corrections." Furthermore, it suggests "protecting the home network at the source".

In addition, it is possible to consider the use of tools such as Qualys BrowserCheck CoinBlocker Chrome Extension, recently released by Qualys Malware Research Labs. Protect users from active cryptojacking campaigns.

And, well, we thank Google for stopping the mining apps from the Google Play Store earlier in July. They are just trying to take care of us.

Start trading cryptocurrency with Coindirect.

Happy girl, in love with research and learning. Write about my blockchain and crypto results.

Source link