Businesses Are Increasingly Falling Victim to a New Cyber Scheme Known as Cryptojacking…
Businesses around the world are increasingly falling victim to cryptojacking – a new cyber scheme where criminals hijack central processing unit (CPU) power from unsuspecting computer users to mine cryptocurrencies. The rapid evolution of cyber threats highlights the importance of regularly updating your company’s cybersecurity and data protection protocols.
Cryptojacking is the latest scheme involving malware spread via fake online advertisements. When a user clicks on the ad, it executes malicious code that allows the attackers to mine cryptocurrency via the user’s browser. More sophisticated attacks can infiltrate vulnerable systems that simply display the illegitimate ad without any involvement by the user.
Some websites allow browser-based cryptomining as a means of generating income. Unlike cybercriminals, legitimate websites use a small percentage of the computer’s resources to run mining code in the background, but only if visitors provide consent. Conversely, hackers use far more aggressive techniques and circumvent security features to remain undetected for as long as possible.
Earlier this year, cryptojacking surpassed ransomware as the number one type of attack on the internet, according to Akouto. The Canadian cybersecurity firm’s servers tracked a 3,500 percent spike in attempted intrusions in March of 2018.
“March was an incredibly active month for the combined malvertising-cryptojacking attack,” said Akouto founder Dominic Chorafakis. “Starting on March 7th, our central monitoring servers recorded a spike in attacks being blocked by managed Intrusion Prevention systems on customer networks,” Chorafakis continued. “The attempts were detected at virtually every site at a rate that was 3500% higher than the months prior. Reports in April showed a decrease in activity but still averaged 700% higher than the first two months of 2018.”
While cybercriminals may not steal data, cryptojacking can result in a loss of productivity for business because it slows systems, makes them use more energy, and may even render them unresponsive. Devices infected with the malware may also suffer from an increase in application crashes and may stop working completely.
Cyber Vigilance Is Essential
Staying on top of cyber threats is increasingly important, as both regulators and customers are holding companies more accountable for lapses in security. In New York, the Department of Financial Services continues to roll out its cybersecurity regulations.
As discussed in greater detail in prior articles, the regulations require that financial service companies “establish and maintain a cybersecurity program designed to ensure the confidentiality, integrity and availability of the Covered Entity’s Information Systems.” The cybersecurity requirements further mandate that covered entities implement cybersecurity policies that are tailored to their unique risks and needs.
Of particular note, entities subject to the DFS regulations must appoint a chief information security officer to implement and enforce the policies. Other requirements under the regulation include: adopting policies and procedures designed to ensure the security of information systems and nonpublic information accessible to, or held by, third-parties; requiring multi-factor authentication for individuals accessing internal systems who have privileged access or to support functions including remote access; drafting an incident response plan to recover from any cybersecurity event; and conducting annual penetration testing and vulnerability assessments. This February, new annual certification requirements took effect under which a board member or senior officer at all regulated entities must certify annually that the company is in compliance with the DFS cybersecurity requirements.
In New Jersey, Attorney General Gurbir S. Grewal recently announced the creation of a new civil enforcement unit, known as the Data Privacy & Cybersecurity (DPC) Section. The new DPC Section will be housed within the Division of Law’s Affirmative Civil Enforcement Practice Group and will be tasked with enforcing laws that protect New Jersey residents’ data privacy and cybersecurity by bringing affirmative civil actions against violators. Among other priorities, the DPC Section will assume responsibility for the Office’s ongoing investigation into Facebook’s transfer of personal information to Cambridge Analytica. According to Facebook, approximately 1.6 million users in New Jersey were impacted.
In addition to enhanced regulatory scrutiny, businesses also face increased reputational harm in the wake of a cyberattack. Customers now expect companies to have robust data security procedures in place and assign blame when they fall short. Given the risks, businesses should consider taking steps to mitigate the risk of cryptojacking, such as reviewing software patch policies, analyzing website security, and implementing security programs that can block access to crypto mining scripts.
Breach of Contract Explained: Types and Consequences
Breach of contract disputes are the most common type of business litigation. Therefore, nearly all New York and New Jersey businesses will likely have to deal with a contract dispute at least once. Understanding when to file a breach of contract lawsuit and how long you have to sue for breach of contract is essential […]
How to Dissolve a Corporation in New Jersey: A Step-by-Step Guide
Closing your business can be a difficult and challenging task. For corporations, the process includes formal approval of the dissolution, winding up operations, resolving tax liabilities, and filing all required paperwork. Whether you need to understand how to dissolve a corporation in New York or New Jersey, it’s imperative to take all of the proper […]
Gross Lease vs. Net Lease: Understanding the Key Differences
Commercial leases can take a variety of forms, which is often confusing for both landlords and tenants. Understanding the different types, especially the gross lease structure, is important when selecting the lease that best suits your needs. One key distinction between lease types is how rent is calculated and paid. This article addresses the two […]
What to Do If You Are Impacted by a Retailer Bankruptcy Part 2
Over the past year, brick-and-mortar stores have closed their doors at a record pace. Fluctuating consumer preferences, the rise of online shopping platforms, and ongoing economic uncertainty continue to put pressure on the retail industry. When a retailer seeks bankruptcy protection, a myriad of other businesses are often impacted. Whether you are a supplier, customer, […]
The Current Administration's Proposals for the Financial Services and Banking Industries Will Affect Your Business
Since his inauguration two months ago, Donald Trump’s administration and the Congress it controls have indicated important upcoming policy changes. These changes will impact financial services policies and priorities. The changes will particularly affect cryptocurrency, as well as banking rules and regulations. Key Regulatory Changes in Cryptocurrency For example, in the burgeoning cryptocurrency business environment, […]
Tips for Commercial Landlords Impacted by Wave of Retailer Bankruptcies Part 1
The retail sector has experienced a wave of bankruptcy filings over the last year. Brick-and-mortar businesses in financial distress include big-name brands like Big Lots, Party City, The Container Store, and Vitamin Shoppe. When large retailers seek bankruptcy protection, they are not the only businesses impacted. Landlords can be particularly hard hit. While commercial landlords […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
