Cryptojacking Now The Leading Cyber Crime, One Vendor Says
Months ago, the cyberthreat landscape changed without much fanfare, according to intelligence from cybersecurity vendor Webroot.
That's when cryptojacking dethroned ransomware as the world's most-common type of cyber-attack, Sarah Morgan, Webroot's channel account manager, told attendees of the NexGen Cloud conference in Anaheim, Calif. on Monday.
The still relatively unknown crime, involving hackers exploiting systems and devices to mine Bitcoin, largely goes unnoticed because of its subtlety—often, the only manifestation of the attack is an elevated power bill.
[Related: Fortinet: Managed Services Most Lucrative Element of Coming $132 Billion Cybersecurity Market]
Cryptojacking is becoming so prevalent because it's both easy to do and profitable, Morgan said.
There's a "minimal illegal footprint," she said, and often authorities aren't too concerned because the attackers aren't shutting down offices by encrypting files or stealing valuable data.
Cryptojacking, like many other threats, is gaining steam because cyber-criminals are "making a ton of money out of it," Morgan said.
Experts predict by 2020, cybercrime will generate a staggering $6 billion in illicit revenue.
Remote Desktop Protocol incursions are another threat vector MSPs should be mindful of, often giving cybercriminals "carte blanch" into corporate networks, she said.
There's very rarely a "good business case for RDP," Morgan said. That approach is "setting yourself up for headaches with your customers."
Another "interesting threat" is DNS cache poisoning, Morgan said. That's where hackers take over vulnerable routers in places where mobile workers congregate, like coffee shops, to redirect attempts to access their web services.
Add to the list malware, ransomware, malicious URLs and IPs, and phishing attacks and it becomes increasingly clear why cyber-security is top of mind for so many organizations, and such a large opportunity for managed services providers.
The multitude of threats is why "you have to have a layered approach to security," Morgan said.
"Do not rely on one solution," she told NexGen attendees. "There's no silver bullet."
To protect their customers, MSPs should start off with state-of-the-art endpoint protection, like Webroot products that use AI and machine learning. Signature-based products are outdated, she said.
DNS protection is also critical. As is the need to educate users to follow secure practices—often the hardest security protocol to implement.
Lastly, threat intelligence is key, Morgan said.
"Make sure you’ve got the best of the best in terms of threat intelligence," she said, like Webroot's BrightCloud, the largest threat intelligence network in the world.
James Hoff, president of Ace Internet Services, headquartered in Seattle, said Morgan's presentation was eye-opening.
"It's critical to have all the pieces that she talked about, the last one being threat intelligence. I think that's one of the key pieces that is often missing," he said, noting threat intelligence is a solution he's scouting while at the NexGen conference.
Like Morgan discussed, educating customers is always a challenge.
"You have to have interest, and you have to execute," Hoff said, which can be difficult as customers are often focused on short-term costs.