Cryptomining dominating the security agenda

Cryptomining is a major problem in the security world and is being picked up as some of the main issues that customers are having to deal with.

Research issued from a couple of vendors this morning has underlined the spread of the problem and highlighted the danger that firms of all sizes face.

Alert Logic

The main findings from Alert Logic's Critical Watch Report were around the idea that industry and size were no longer reliable predictors of threat risk.

There was also a rise between April last year and this June in 'spray and pray' attacks that were aiming at everything with an IP address. Alert Logic found that web applications remained the primary point of initial attack.   

“It’s no secret that attackers push the envelope and innovate attacks to abuse weaknesses anywhere they find them—in cloud and hybrid deployments, containerised environments, and on-premises systems,” said Rohit Dhamankar, vice president of Threat Intelligence Products at Alert Logic.

“What is troublesome is the use of force-multipliers like automation to scale attacks for increased financial gain. This report demonstrates that attackers are gaining increasing sophistication in their ability to weaponise trusted techniques to exploit common vulnerabilities and misconfigurations for purposes such as cryptomining," he added.

McAfee

The drive to hijack devices for cryptomining was echoed in the McAfee Labs Threats Report: September 2018, which found that cryptocurrency mining malware had increased by 86% in Q2.

Cybercriminals are rapidly branching out to new attack techniques and tools, from fileless malware to cryptocurrency mining, to capture new revenue streams. Customers faced with this ever-changing attack landscape are carefully considering their risk position – creating a key opportunity for channel partners," said Ed Baker, EMEA partner lead at McAfee.

"Partners must be on-hand to advise customers when building their security strategies and provide guidance when making security investments going forwards. To stay ahead of cyber criminals, all parties in the cybersecurity industry need to focus on collaboration. This means making sure that tools can operate together, removing siloed security teams and making it easier for companies to protect data, detect potential threats, and work to effectively correct them," he added.

The firm also noted that mobile malware had increased for the second successive quarter by 27% and malware looking to exploit patchable vulnerabilities climbed by 151%.

Smart home fears

Adding to the wave of research that has come out is something from Showerstoyou.co.uk. The firm, which is looking into the adoption of smart technology in the home, found that security concerns were holding people back.

The firm responded to recent findings from YouGov which laid out what was holding back the adoption of more smart tech in the home and not surprisingly security was at the top of the list.

Users were worried that they could be hacked and become a victim of a cyber attack through smart devices and as a result had not put them in their homes.

“Smart home technology has come leaps and bounds over the last decade. Now the market has a range of smart devices and appliances to make everyday tasks at home easier and efficient. As they have advanced in their development, more features have been included to provide added value for existing and potential customers," said Martin Smith, the managing director of Showerstoyou.co.uk.

"[The research] highlights how the risk of a cyber-attack or breach, is factoring prominently in the decision-process of consumers to adopt the technology in their home. Looking into the future, as the understanding and security of smart home devices and appliances significantly improves, non-users will undoubtedly become less skeptical and more willing to try the technology," he added.