JACK GUEZ/AFP/Getty Images
show image

Coinmining rises by 44,000 per cent in the UK

Coinminining activity rose by 44,000 per cent in the UK last year, as the price of bitcoin soared and cyber criminals moved away from the crowded ransomware market.

The figures are based on analysis of Symantec’s civilian threat collection network, which monitors more than 700,000 global adversaries in over 157 countries.

“Cryptojacking is a rising threat to cyber and personal security,” said Mike Fey, president and COO, Symantec. “The massive profit incentive puts people, devices and organizations at risk of unauthorized coinminers siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers.”

The threat came under the spotlight last month when thousands of websites – including several government platforms – were hit by coinmining hackers.

The Information Commissioner’s Office, Student Loans Company and the Pensions Advisory Service were among those affected. Scott Helme, the researcher who identified the malicious code, told NS Tech at the time the affected organisations “got off lightly”.

The malware did not extract users’ personal information and the National Cyber Security Centre said there was nothing to suggest the public was put at risk. “This could have been much worse,” said Helme. “It could have gone under the radar for weeks. I’m hoping people will take that seriously and realise we got off lightly.”

Earlier this month, researchers at SecureWorks also reported a dramatic spike in cryptocurrency mining alerts and said in a threat report that unauthorised coinmining had been witnessed during “almost all” client callouts over the previous six months.

However, the firm’s Mike McLellan warned that many companies are not taking the threat seriously enough. “Where our incident response teams get called out, it’s generally where an organisation has identified a big spike in processing power on one of their critical servers,” he said. “They’re unable to use the application the servers are supposed to provide, and that’s really starting to impact them.”