Nearly nine million cryptominers targetting SMBs in SEA blocked by Kaspersky

Cybersecurity firm Kaspersky blocked almost 9 million cryptominers targeting small and medium businesses (SMBs) in Southeast Asia last year.

In Southeast Asia, cryptomining is the highest in terms of attempted attacks blocked by Kaspersky at 8,926,117 in 2020. It is more numerous than the combined detected phishing attempts at 2,890,825 and ransomware attempts at 804,513 in the same year.

According to Evgeny Lopatin, malware analyst team lead at Kaspersky, malicious cryptocurrency malware used in cryptomining is being used by cybercriminals to use hardware they don’t own such as smartphones, computers, tablets, and servers.

“These cybercriminals then harness the processing power of these devices to mine for cryptocurrencies such as Bitcoin, the prices of which have been skyrocketing. So if you’re a business owner and your staff are working remotely because of the pandemic yet you find your office power bill unusually high, check your IT backend. There may be cryptominers using your business resources, at your expense,” said Lopatin.  

Kaspersky’s general manager for Southeast Asia, Yeo Siang Tiong advised business owners to take the crypto mining threat seriously and not to keep their guards down.  

“SMBs normally have a relaxed attitude towards information security and so the main damage from cryptomining is expected to be felt by this sector. Cryptocurrencies continue to attract investor and user attention due to the continued spike in its prices so we really caution SMBs not to underestimate the possibility that cryptomining will remain to be a serious cyber threat.

“After all, cybercriminals have long realized that infecting servers is more profitable than mining on home users’ computers so SMBs should take this silent threat seriously,” said Yeo.

In the region, most of the monitored cryptomining attempts prevented by Kaspersky were observed in Indonesia and Vietnam for two consecutive years, accounting for almost 71% in 2020 and 80% in 2019 of all attempted incidents in SEA.

According to Yeo, there are several tell-tale signs that personal devices are being used illegally by cryptominers, such as system response slowing down due to the workload strain, increase in power consumption that result in batteries depleting at a faster pace, electricity bills skyrocketing and a more significant data usage. 

Businesses should take proactive steps against cryptomining malware to stop cybercriminals from ever using their system. Kaspersky has a few tips to ensure the safety of their assets and devices:

  • Keep operating systems and software regularly updated.
  • Avoid clicking email links and attachments from unverified and untrusted sources.
  • Practice caution when installing software from the web since cryptominers are known to embed malware in them.
  • Install a strong security solution such as Kaspersky Endpoint Detection and Response Optimum (KEDRO) as it complements protection for endpoints such as mobile phones, tablets, and laptops connected to the company network.
  • Carry out regular security audits of corporate network, including less-obvious targets such as queue-management systems, POS terminals and vending machines.