Cryptocurrency miners operate according to the same business model as ransomware programs, and a recent 12% increase is raising alarms.

Companies are generally concerned about data breaches and ransomware. However, fresh statistics from the global cybersecurity company Kaspersky suggest that that the biggest threat in Southeast Asian to small and medium enterprises may not be those two, but crypto miners.

In the first three months of 2020, Kaspersky reported that it had foiled over 1 million mining attempts against devices of businesses in Southeast Asia (SEA) with 20-250 employees. This is 12% more compared with 949,592 mining incidents blocked in the same period last year.

The total number of miners detected in Q1 is also significantly more than the 834,993 phishing attempts and 269,204 ransomware detections against SMBs in the region.

Commented Yeo Siang Tiong, general manager for Kaspersky South-east Asia: “We cannot refute the fact that malicious mining is far less destructive compared with ransomware, data breaches, and the like, but it remains a risk that SMBs should consider seriously. Cybercriminals behind these attacks are using your own resources, from your electricity, your data bandwidth, to your devices’ hardware which are not cheap at all. Two days of mining cryptocurrency using mobile mining malware can leave an infected device’s battery bloated to the point of physically deforming the phone. Think footing the bill without eating the meal, that’s how illegal miners work.”

Malicious mining, also known as cryptojacking, are attacks that can inflict both direct and indirect losses for a business. Cryptocurrency miners essentially operate according to the same business model as ransomware programs: the victim’s computing power is harnessed to enrich the cybercriminals.

Aside from a substantial increase in electrical consumption and usage of CPU, mining increases the wear and tear on hardware by having processing cores, including those belonging to discrete graphics cards, working overtime to mine ill-gotten cryptocurrency. The wasted bandwidth also decreases the speed and efficiency of legitimate computing workloads. Moreover, a cryptojacking malware can overwhelm a system, causing severe performance problems, which will have an immediate effect on businesses’ networks and ultimately, their customers.

Painting a regional picture

Kaspersky’s data further reveals that Indonesia and Vietnam were among the countries in SEA and globally with the highest number of mining attempts against SMEs. Most of the six countries in the region, except the Philippines and Thailand, had also recorded an increase in terms of this genre of malware detected in the first quarter of 2020.

Number of malicious mining attempts against SMBs blocked by Kaspersky solutions and the country’s ranking based on the share of users almost infected with this malware

Completing the five countries with most number of cryptojacking attempts are the Russian Federation, Brazil, and the Islamic Republic of Iran.

Free protection for six months

Continued Yeo: “One important point SMEs should consider is that there is a direct correlation between successful cryptojacking and the use of pirated software. The more freely unlicensed software is distributed, the more miners there are, so I urge companies to use legitimate software at all times.”

Aside from unlicensed software, miners can also get into computers via adware installers and infected content distributed using social engineering as well as infected USB storage devices.

To block malicious software from adware and infected content being spread through email, SMEs can use Kaspersky Security for Microsoft Office 365, which is currently being given free for six months in SEA, as well as a free cyber-hygiene course.