Cyber crime has always been a prevalent issue in our society, ever since the creation of the internet in the 90s. We spoke to Sherrod DeGrippo, Director of Threat Research and Detection at Proofpoint, which is a company that provides software and other products to help people and businesses with their online security needs, to tell us about why there might be an increase in cyber crime, especially around the theme of cryptocurrencies.
DeGrippo believes that there has been an increase in this type of crime due to a number of mitigating factors. She said: “There are a lot of moving parts in the cryptocurrency space. A hard fork in Monero, for example, just made it easier for desktop mining to compete with ASIC-based mining, making coin-mining malware and cryptojacking more viable money-making avenues for threat actors. Bitcoin is beginning to stabilize while governments increasingly look to regulation, which means that actors are looking to cash in before new roadblocks appear. We have also seen a variety of coin mining technology built into malware and websites that have created a critical mass of cryptocurrency activity.”
The most worrying part of this increase in cryptocurrency crime is that it can affect all systems that we use everyday. This type of crime can even affect the most important device in our lives: our smart phones.
DeGrippo did have some advice for the average person on what they could do to help prevent their systems from being affected. She advised: “To a large extent, ensuring that endpoint security, browsers, operating systems, and application software are up to date remain the best protections for individuals. Additionally, a number of browser plugins exist that can prevent cryptojacking.”
We all remember the phishing scams of the 90s, when you would receive emails claiming that you had won the lottery in a country you have never even heard of, and that if you give them some details then you will receive your millions. DeGrippo dispelled the notion that these new crimes are similar by saying: “It is similar in that threat actors almost always “follow the money” – however, the underlying technology and approach is different.”
DeGrippo also described to us what the worst case scenario could be if a system gets “infected”. She said: “It’s not so much an issue of software getting infected as it is, in this case at least, users being exposed to cryptomining. This can come from standalone software, compromised or malicious apps, in-browser mining, and more. In most cases, the biggest impact is on system performance and energy usage on infected systems. However, in some cases, cryptocurrency mining software might also contain information stealing and/or banking Trojan functionality, which exposes users to additional risk.”
Probably the most well known cryptocurrency to the general public is Bitcoin. We have seen the currency have wild surges and dips in its value of the course of the last couple of years. Is cryptocurrency too volatile a currency to worry about? DeGrippo still gave a stark warning to those who dabble in cryptocurrency, saying: “Individual users and investors must assess the level of risk they find acceptable as related to cryptocurrency. However, we do attribute some of the decreases in ransomware prevalence to cryptocurrency volatility and therefore continue to monitor for the effect on the threat landscape. Regardless of the volatility, cryptocurrencies remain the currencies of choice for threat actors because of the relative anonymity of transactions.”
It just goes to prove that whenever there is a new development in technology, there will always be people out there who will try and take advantage of the general populous.
Read some more on the subject here.
And check out some of our great articles here