Cryptomining replaces ransomware as 2018's top cybersecurity threat

Malware, in general, accounts for the majority of cybersecurity threats, but now cryptomining reigns supreme.

Cryptojacking: The evolution of ransomware

Cryptomining has taken ransomware's place as the top cybersecurity threat in 2018, according to Webroot's Mid-Year Threat Report Update. Focusing on trends in the first half of 2018, the report discovered cyberattack vectors becoming increasingly advanced and sophisticated, according to the Tuesday press release for the report.

SEE: Enterprise IoT research: Uses, strategy, and security (Tech Pro Research)

General malware, which includes both ransomware and cryptomining, made up 52% of cybersecurity threats in the first half of 2018, said the release. But cryptojacking--the nonconsensual act of cryptomining someone else's machine--alone accounted for 35% of threats.

Cryptojacking involves maliciously using an individual's computer processing power to mine cryptocurrency, said the release. And the report found cryptojacking to be so popular that cryptojacking scripts are being run on 3% of all sites users are visiting.

Even though cryptomining dethroned ransomware as the most popular attack method, that doesn't mean ransomware is gone. In fact, ransomware attacks are using unsecured Remote Desktop Protocol (RDP) connections for more targeted attacks, said the release.

"Cybercriminals display an amazing ability to adapt to maximize their profits. Businesses need to adopt the same nimble mindset toward their cybersecurity," said Tylor Moffit, senior threat research analyst at Rebroot, in the release. "They need to continually reassess risks, adopt a multi-layered approach, and, ultimately, educate their employees about the latest threats on an ongoing basis."

With the large number of cybersecurity threats present in 2018, companies must stay vigilant in their security practices. The report found that those companies that prioritized security faced fewer threats, said the release.

Businesses that ran six to 10 security training campaigns saw phishing click-through rates drop by 28%, said the report. And that rate decreased proportionally as more employees underwent the training, added the report.

The big takeaways for tech leaders:

  • Cryptojacking replaced ransomware as 2018's highest cybersecurity threat at 35%. -- Webroot, 2018
  • Companies can protect themselves by educating their staff and conducting regular security trainings. -- Webroot, 2018

Also see

Image: iStockphoto/sarayut