Cryptocurrency Mining Malware Displaces Ransomware

A majority of cyber security leaders noted the rising popularity of crypto mining malware attacks, displacing ransomware.

A new study from Information Systems Audit and Control Association (ISACA) reveals that the number of cyber attacks is still increasing. Enterprises are seeing fewer ransomware attacks, but attacks targeting cryptocurrency operations are on the rise.

ISACA’s latest State of Cybersecurity 2018 research showed that half of the 2,366 security leaders who participated in their survey had reported a rise in cyberattack volumes relative to last year. Also, a huge 80% majority of the participants expressed concern that they are likely or very likely to face attack this year — the same number of respondents who said the same from the previous study last year.

The report said:

“The data show that ransomware attacks may have been displaced by cryptocurrency mining, which is becoming more frequent. Cryptocurrency mining malware can operate without direct access to the file system, making them harder to detect—and as the prices of cryptocurrencies increase, the economics of cryptocurrency mining malware becomes better for the attacker.”

The researchers noted a significant decline in the number of ransomware attacks despite the jump in cyber attacks across industries. In 2017, some 62% of those surveyed reported experiencing a ransomware attack, but the figure dropped to 45% of this year's respondents who said they were attacked. 

In addition, the research found that nearly four out of 10 security leaders do not have sufficient or lack information about active defense strategies like honeypots and sinkholes. A little over 50% of the respondents claimed familiarity with active defense.

Frank Downs, director of cybersecurity at ISACA added:

“This is a missed opportunity for security leaders and their organizations. ISACA’s research indicates that active defense strategies are one of the most effective countermeasures to cyber attacks. A full 87 percent of those who use them indicate that they were successful.”

Spike in cryptojacking

The results of ISACA’s study mirrors the earlier report by Malwarebytes which found that cryptojacking threat is growing in popularity compared to other types of cryptocurrency-related malware attacks.

Malwarebyte’s latest Cybercrime Tactics and Techniques has concluded that ransomware popularity dropped 35% in comparison to the last quarter, while cryptojacking incidence rose by 27% during the same quarter.

The report said:

“A huge spike in September and October 2017 resulted in more than 25 million detections of crypto mining malware on consumer machines. By March, the decline still left us with 16 million detections.”