This particularly insidious type of cyberattack has been on the rise since the beginning of the year. Analysis of this disturbing event and its new victims.
2022 has already been a bitter year for cybersecurity, with record levels of malware infecting connected objects and even an unexpected amount of cryptojacking. This latest insidious type of cyberattack involves surreptitiously installing cryptocurrency mining software on the victim’s device. To then remotely redirect the computing power of the machine and effortlessly reap the benefits of exploitation.
Clients in the financial sector, who used to be the least of their worries, are now suffering from cryptojacking at a significantly higher rate than in any other sector, cybersecurity firm SonicWall warns in its semi-annual cyberthreat report released July 26, 2022. individual attacks are five times higher than for the second most affected sector, retail.
“This is a dramatic turn,” SonicWall analysts say. In the three sectors that have traditionally been hit the hardest, namely government, healthcare and education, the number of cryptojackings has decreased by 78%, 87% and 96%, respectively. A “long-awaited respite”, which is contrasted by a surge in attacks on retail (+63%) or finance (+269%).
An attractive alternative
This year, the overall capitalization of the crypto market has largely melted, major players in DeFi (decentralized finance) such as Celsius or Voyager Digital have gone bankrupt, Coinbase has laid off almost one in five employees. “Changing a career is difficult, and this also applies to cybercriminals,” SonicWall speakers colorfully explain. When the price of a cryptocurrency drops like a stone, it is always easier to make do with what you have than to look for a new job. »
It should be noted that after the high-profile attacks of Colonial Pipeline or Kaseya, ransomware gangs also sought to quieter activities. Unlike ransomware, which announces its presence and relies on communication with victims to maximize the monetization of a cyberattack, cryptojacking is based on discretion. The risk of being detected remains low.
“Unsuspecting users are seeing their devices become inexplicably slow, but it’s hard to attribute this to criminal activity, let alone find the source,” Terry Greer King, SonicWall VP of EMEA, recently told Tech Monitor.
As an exception to the rule, at least one gang of ransomware criminals has publicly announced their intention to engage in cryptojacking. As long as there is money to be made with less risk, others can obviously follow suit.
From record to record?
Despite the dizzying fall in the price of cryptocurrencies, cryptojacking is hitting all-time highs, with global volume rising to 66.7 million cases in the first half of 2022. This corresponds to a 30% increase compared to the same period of the previous year.
Fortunately, since the historical peak was observed in the first three months, the pace seems to be running out of steam. But don’t get excited in a hurry, as SonicWall describes the phenomenon of seasonality, with a “summer depression” before the rebound, usually fixed in the fourth quarter.