UK National Cyber Security Centre Includes Cryptojacking In Report On Cyber Threats
On April 10, the UK National Cyber Security Centre (NCSC) released a report analyzing how nefarious cyber activity influenced the business environment in Great Britain over the past year.
The report dedicates a section to cryptojacking, a form of cyber attack in which a hacker utilizes an individual’s computer, without the owner’s knowledge, to mine cryptocurrencies. Often the only way to notice that a device is being cryptojacked is a slight slowdown in performance.
The NCSC believes that, with the growing interest in cryptocurrencies, methods of digital currencies mining via users’ CPU power, such as cryptojacking, will probably become a steady source of revenue for website owners and hackers. According to the report:
“The technique of delivering cryptocurrency miners through malware has been used for several years, but it is likely in 2018-19 that one of the main threats will be a newer technique of mining cryptocurrency which exploits visitors to a website.”
The report states that incidences of cryptojacking increased in 2017. In December 2017, 55 percent of businesses worldwide were impacted by cryptocurrency miners. In February 2018, more than 4,000 websites globally (including about 600 in the UK) secretly mined digital currency with compromised screen-reading plugins designed for blind and partially sighted people.
The NCSC believes that the majority of cryptojacking is performed by cyber criminals. However, website owners have also targeted visitors and utilized the CPU power of visitors’ computers to mine cryptocurrency to their own advantage.
In past years, malware has proven itself to be an effective technique for mining cryptocurrencies through exploiting common users’ software vulnerabilities. Last month, Microsoft’s Windows Defender Antivirus blocked over 400,000 attempts of malware to infect users with a cryptocurrency miner in a 12 hour span.
In January, the Opera web browser announced they would add anti-crypto mining to their mobile browser after including it in their integrated ad blocker for desktop.