IT directors at 750 companies with 250 or more employees in the UK are reporting a steady increase in attempted “crypto-jacking” attacks on enterprise computer systems, with 30% of all companies reporting attacks in May, the month the survey was conducted.
The findings were determined in a poll commissioned by Citrix, providers of mobile workspace software, and conducted by One Poll, Internet of Business reports.
“Crypt0-jacking” is an increasingly popular form of malware attack in which hackers infect sometimes thousands of computers with software that “mines” (or generates) cryptocurrencies.
The resulting “botnets” of zombified computers then surreptitiously mine cryptocurrencies and send the proceeds to hackers’ online “wallets.”
Enterprise and institutional computer networks are particularly favoured by crypto-jackers for their size and potential productivity.
The poll seems to indicate that cryptojacking attacks are escalating. According to Citrix, 69% of all businesses polled confirmed they’d detected an attempted cryptojacking infection in the last year, with 80% of those attacks occurring in the last six months.
Experts say that hackers are starting to prefer mining malware attacks over the more confrontational ransomware attacks like “WannaCry” that gained notoriety in 2017.
In ransomware attacks, hackers seize control of important data on business and institutional systems then demand a ransom paid in cryptocurrency for its release.
The American Professional Golfer’s Association (PGA) was hit by a ransomware attack last week when hackers took control of graphics files used to promote two upcoming tournaments.
Hackers seize nothing in cryptojacking attacks, but rather inject parasitic mining software onto computer systems, which can slow their performance and substantially increase electricity bills.
Cryptojacking attacks can go undetected for some time, and there are reports of certain crypto jackers passively earning hundreds of thousands of dollars a month from mining malware botnets.
Notably, the poll found that only 7% of mining malware attacks were detected by anti-malware software, and rather 38% of attacks were signalled by network monitoring solutions and 34% by employees.
The poll also found that 67% of organizations already have malware policies in place, but 21% have no contingency plan.