In an era when technology was not as advanced, bank robbers used to piggyback on someone else’s back to enter a bank to rob it and go unnoticed. Fast forward to many years down the line, in a hyperconnected digital era, attempts to mine crypto using somebody else’s computing power is known as Crypto Jacking. 

In a world beyond standard cybersecurity risks such as phishing & ransomware, precarious crypto-mining attempts should be monitored and taken down. There ought to be an attempt to clean the industry and build trust among the community. Proof of the pudding lies in the data. According to Kaspersky, 1,726,799 mining attempts were detected in the first half of 2020 targeting SMBs in the region. While the increase is slight as compared to 2019, it’s interesting to note that phishing detections were 1,602,523 and  504,304 ransomware detections during the same period – January to June 2020

How did we get here?

The growth in the acceptance and circulation of crypto in the mainstream has translated to far more people being in the ecosystem now than ever before. More and more people want to get a part o the crypto pie. Most top-performing digital currencies have reached an exorbitant value thus making it out of reach of highly technical enthusiasts who want to make a killing in the crypto market but don’t necessarily have the money to buy crypto in higher quantities. 

The law says mining crypto is not illegal as it’s through computing power itself that more crypto is circulated in the market, besides being traded.  What’s illegal is the hacking of an organization’s computing power to mine crypto. The nature of such a hack does not even impact an enterprise in the beginning, because nothing is being stolen practically. However, it is when the performance of systems at an organization rapidly deteriorates, that is when such a hack is detected. But why Southeast Asia?

The answer lies in political turbulence and stability in general. At a recent media briefing, Vitaly Kamluk, Kaspersky’s Director for Global Research and Analysis team in Asia-Pacific, said Malaysia witnessed a surge in cyberattacks earlier this year which coincided with tumultuous times in Malaysian politics. 

In fact, Vitaly says that hackers have used the coronavirus & political tensions to launch more cyber attacks on Malaysian companies. In fact, another study published earlier this year found out that developed APAC countries such as Singapore, South Korea, Japan, Australia & New Zealand are more prone to greater cybersecurity risks but being strong digital economies, they are well-positioned to mitigate risks and threats. 

The Road Ahead for Crypto Jacking & How can Enterprises be Secure?

Awareness is the foremost action point when it comes to cracking the crypto-jacking conundrum and ensuring that an enterprise’s system is not compromised. The following steps can be taken by small and medium scale businesses in Southeast Asia: 

• Cybersecurity awareness and sensitivity training need to be imparted to all employees. 
• Web traffic monitoring needs to be taken seriously. Queries from crypto-mining protocols mean you have been Crypto Jacked. 
• Tracking server loads on a regular basis and security audits of network need to be done to keep threats at bay.
• Ensure that all enterprise software used by the company is updated. 
• Upgrade to a dedicated endpoint security solution. 

The world is filled with bad individual actors and organized actors who are constantly searching for the next loophole they can attack, which can help them serve their purpose of crypto mining. As the proliferation of cryptocurrencies grow and they become more mainstream, there is bound to be a surge in cyberattacks which compromises the capacity of a company’s computing systems. 

Southeast Asia will always be at the forefront of the Crypto Jacking risk because the cryptocurrency ecosystem in the region has matured and we have seen a new wave of ICOs hit the markets in recent times. At the end of it, from a security standpoint, it all boils down to being aware and vigilant. 

Sources: Money Compass, TechWire Asia, Computer Weekly, SecurityBrief

About the author

Siddhartha Dasgupta

Contributing Author

Sid has been a content solutions evangelist and a digital marketer for 10+ years. Having written for brands such as IBM, Infosys and other technology corporations and startups, he is always at the cutting edge of researching & writing about emerging technologies.