SMBs in South-East Asia at high risk of crypto-mining
Over a million crypto-mining attempts were foiled against devices of small and medium businesses (SMBs) in South-East Asia in the first quarter of this year alone.
This, according to new statistics by Kaspersky, represented a 12% increase compared with 949, 592 mining incidents blocked in the same period in 2019. The total number of miners detected in the first three months of 2020 is also significantly more than the 834,933 phishing attempts and 269,204 ransomware detections against SMBs in the region.
Malicious mining, also known as crypto-jacking, happens when cybercriminals install a malicious programme on the target computer or by means of file-less malware without the user’s knowledge.
Yeo Siang Tiong, general manager for South-East Asia at Kaspersky, said, “As the symptoms and consequences of malicious mining are less obvious and less immediate than ransomware and phishing attacks, it is easier for SMBs to disregard it a mere technical issue.
“However, its aftermath is costly in the long run. The rapid increasing of crypto-jacking incidents in the region should be a wakeup call for enterprises in all shapes and forms. Cybercriminals are doing this attack because it is profitable, and it is high time that we acknowledge this and improve our defenses against it.”
Singapore and Malaysia both recorded an increase in attempted crypto-mining incidents in Q1 2020, while Indonesia and Vietnam are ranked third and fifth respectively when it comes to the total number of mining attempts recorded globally.
According to Kaspersky, signs of devices being compromised by crypto-mining include, substantial increase in electrical consumption and usage of CPU, slow system response, and decrease in speed and efficiency of legitimate computing workloads, among others.
While highlighting that raising the cybersecurity awareness of employees will be key to safeguard businesses, Kaspersky also advised companies to monitor web traffic, keep track of server load, ensure that all software are up to date, and to implement the right cybersecurity solution for every aspect of business operations.