Cybercriminals have made cryptojacking their number one means of attack as it is now profitable than commoditised ransomware, according to Symantec’s regional manager for the Gulf region.
Cryptojacking is the unauthorised use of a user’s computing resources for mining of cryptocurrencies.
Symantec’s new Internet Security Threat Report (ISTR) also reveals that the UAE’s 2017 Internet Security Threat Profile improved globally, with the country dropping from its world rank of 51 in 2016 to 52 in 2017. In the past year, the UAE primarily faced threats from cyptominers, ransomware and malware.
In the MEA region, the UAE had the 3rd highest share of cryptominers, while Saudi Arabia ranked first.
During the past year, an astronomical rise in cryptocurrency values triggered a cryptojacking gold rush, with cybercriminals attempting to cash in on a volatile market. Detections of coinminers on endpoint computers increased by 8,500 percent in 2017.
With a low barrier of entry – only requiring a couple lines of code to operate – cybercriminals are harnessing stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency.
Coinminers can slow devices, overheat batteries, and in some cases, render devices unusable. For enterprises, coinminers can put corporate networks at risk of shutdown and inflate cloud CPU usage, adding cost.
Globally, U.S. had the largest global share of all cryptomining detections in 2017 (24.47 percent), followed by Japan and Germany.
“Cryptojacking is a rising threat to cyber and personal security,” said Hussam Sidani, regional manager for the Gulf region, Symantec. “Hackers can jack mobile phones, devices and data centres to consume processing power and steal cryptocurrencies. Cryptojacking slows down users’ devices and enterprises’ cloud session performance, and can cause massive bills. Cybercriminals are now looking beyond the profitability of ransomware, which has become a commodity. Cryptojacking is easier, and requires shorter code.”
The 2017 regional threat ranking is based on eight metrics that represent the main sources of threats: malware, spam, phishing hosts, bots, network attacks, web attacks, ransomware and cryptominers. In the Middle East and Africa, the UAE jumped from its 10th regional rank to 9th this year.
The UAE was the sixth most targeted country in MEA for ransomware attacks, down four spots from 2016.
Saudi Arabia again experienced the highest number of ransomware detections in the region, maintaining its leading ranking in MEA. Globally, UAE ranked 41st with 0.30 percent of ransomware attacks detected worldwide. KSA stood at the 25th spot, with 0.61 percent of global detections.
Sidani went on to add that attackers are now also increasingly delivering targeted attacks that are designed to cause sabotage and affect critical infrastructures. “If you look back to the attempted attack on the Saudi petrochemical plant in August 2017, that was designed to cause an explosion. Roughly 10% of targeted attacks are now aiming to cause disruption or sabotage.”