Cryptocurrency mining malware on the rise
Security report: New Zealand well below global average for cyberattacks, but cryptocurrency mining malware on the rise
• Profit-oriented cybercriminals are turning their attention to stealthier tricks such as cryptocurrency mining;
• New Zealand consistently among the least at-risk nations for cyberthreats;
• Lower risk should not create complacency, says Microsoft’s National Technology Officer;
NEW ZEALAND, 6 May 2019 – While New Zealand experiences far fewer threats on average than its neighbours, Asia Pacific continues to be an attractive region for cybercriminals. Microsoft today unveiled the Asia Pacific findings from the 24th edition of its Security Intelligence Report (SIR), an annual study aimed to improve cyber resilience in the region.
The latest SIR report comprises insights and key trends from diverse sources, including 6.5 trillion threat signals that go through the Microsoft cloud every day. Drawn from data received between January and December 2018, the report covers 15 Asia Pacific countries including New Zealand.
The top cyberthreats New Zealanders face are malware, cryptocurrency mining and ransomware. On the other hand, drive-by downloads, when vulnerabilities in regular websites are exploited to direct browsers to compromised sites that infect their computers, remain a comparatively low risk for Kiwis. New Zealand encounter rates are half the global average.
“Undoubtedly, cybersecurity is one of the most pressing issues for organisations today. As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative,” said Russell Craig, National Technology Officer for Microsoft New Zealand.
“Our annual Security Intelligence Report aims to keep pace with the ever evolving cyberthreat landscape by highlighting the techniques and tradecraft of cybercriminals. It also offers insights to improve cyber resilience and the overall cybersecurity health of organisations around the world.”
Cryptocurrency Mining Malware Becomes Increasingly Prevalent
New Zealand reports of cryptocurrency mining malware are 58% lower than the global average and 64% lower than the rest of the Asia Pacific region. However, it continues to be one of the top four cyberthreats Kiwis face, and the gap between us and the rest of the world is smaller than for other forms of cyberattack. Last year, New Zealand ranked 29th globally as a destination for crypto-miners.
With the rise in value of cryptocurrency, such as Bitcoin, cybercriminals seeking illicit profits have turned to malware that lets them use victims’ computers to mine cryptocurrency coins. This approach allows them to leverage the processing power of hundreds of thousands of computers. Even when a minor infection is discovered, the anonymous nature of cryptocurrency complicates efforts to track down the responsible parties. The report notes that the encounter rate varies with the rise or fall in the value of cryptocurrency.
The availability of “off the shelf” cryptocurrency mining products and the lower risk of immediate detection have also contributed to the rise. Because cryptocurrency mining works in the background while the user is performing other tasks or is away from the computer, it may not be noticed at all unless it degrades the computer’s performance sufficiently. As a result, users are less likely to take any action to remove the threat, and it might continue mining for the benefit of the attacker for an extended period of time.
Ransomware Still a Threat Despite a Decline in the Number of Attacks
New Zealand is also less prone to ransomware attacks than the rest of the world, with rates 60% lower than the global average and 71% lower than the Asia Pacific average. However, a Taranaki school was the target of a ransomware attack in mid-2018. Ransom-related scams are also reported. In December 2018, New Zealand Police investigated emails claiming an explosive device was hidden in the recipient’s office, which would be detonated unless a ransom in Bitcoin was paid.
According to the report, ransomware encounters have decreased by 73 percent worldwide, partly owing togreater awareness of threats. More organisations and individuals are displaying greater caution and backing up important files so they can be restored if encrypted by ransomware.
Developing Markets in Asia Pacific Among the Most Vulnerable to Malware
New Zealand cybersecurity agency CERT NZ reported a 205 per cent increase in cybersecurity incidents in 2018, with 18 per cent of targets experiencing financial loss. Total losses amounted to $14 million.
Despite that, the global malware encounter rate has decreased by 34 percent, with New Zealand one of the three Asia Pacific markets with the lowest malware encounter rates, alongside Japan and Australia. These countries have mature cybersecurity infrastructures and well-established programmes for protecting critical infrastructure and communicating with their citizens about basic cybersecurity best practices.
“It’s important not to grow complacent because of the comparatively lower risk in New Zealand,” said Craig. “As Kiwis, we’ve learned that the hard way. Lower risk does not mean no risk, nor does it mean low impact, because people and organisations that aren’t prepared for cyberthreats still face the same consequences to their productivity, data, finances and even their emotional wellbeing as anyone else.
“This report shows that New Zealand is so successful in countering cybercrime because of the existing measures in place to prevent, detect and respond to threats and our willingness to adopt more secure technologies such as cloud. Maintaining a holistic approach to security and boosting our investment in other preventive tools such as artificial intelligence to augment security operations will be vital if we want to remain one of the most secure nations,” Craig concluded.
To learn more about the latest cyberthreat trends as well as the best practices that organisations can adopt, download the full report here https://www.microsoft.com/sir.
About Microsoft Security Intelligence Report
The 24th edition of the Microsoft Security Intelligence Report (SIR) is a reflection on last year’s security events and includes an overview of the security landscape, lessons learned from the field, and recommended best practices.
The data analysed in this report includes the 6.5 trillion threat signals that go through the Microsoft cloud every day and the research and real-world experiences from our thousands of security researchers and responders around the world.