Matthew Gardiner

by Matthew Gardiner

Director of Enterprise Security Campaigns

Posted Jun 19, 2019

Mimecast’s State of Email Security Report shows ransomware attacks aren’t slowing down.

GettyImages-890153720.jpg

Don’t be lulled by crypto-mining (or cryptojacking) alarmists into thinking that crypto-mining is replacing ransomware as a major new security threat.

What is Crypto-Mining?

Crypto-mining is the unauthorized use of someone else’s computers to mine various crypto-currencies for the sole benefit of the cybercriminal.

Essentially crypto-mining is stealing compute and network resources to do the calculations required to mine crypto-currency. To do this makes sense (if you are a criminal), as mining crypto-currencies can consume a lot of computing resources as well as electricity, that can make the cost outweigh the value of the mined coins. Mining it is much more profitable when someone else pays the cost but doesn’t reap the coin!

Why Crypto-Mining is not the New Ransomware

In some articles published in 2018 there was an implication that ransomware focused cybercriminals were switching their focus from ransomware to crypto-mining. While no doubt true in some cases, as most criminals are focused on making money and don’t have a preference on how they do it, my view was that the prediction of switching en masse was not likely to happen.

The cybersecurity research data we just published as part of our annual State of Email Security Report for 2019 does not support the view that the ransomware wave is waning. If anything, just the opposite is happening. The highly publicized ransomware attack on the City of Baltimore is a representative example of this trend, but of course is just a one-off example. 

Our cybersecurity research data show that:

  • Ransomware attacks are up 26% year-over-year, with more than half of organizations having experienced a ransomware attack that impacted their business operations in 2018.
  • The USA had the highest percentage of reported ransomware caused business impacts at 61%, with the lucky UK showing the lowest percentage impacted at 39%. Both are remarkably high percentages though.
  • The average amount of system downtime caused by ransomware stayed steady at three days, with 86% of organizations that had experienced a ransomware attack suffering at least two days of downtime. That is a lot of time to be down, although the City of Baltimore has experienced much worse than that.

Furthermore, the 2019 Verizon Data Breach Investigation Report found that ransomware accounted for 24% of all incidents where malware was used. Among the same data set, crypto-mining only accounted for 2% of malware incidents.

Remain Vigilant with New Cyberattacks

The takeaway; what is tried and true in the cybercriminal world doesn’t go away until it truly becomes ineffective and unprofitable. New cyberattacks do arrive on the scene, of course, but cybercrime is not a zero-sum game. If it is profitable it will remain popular until it isn’t.

Thus, organizations can’t shift their cybersecurity defenses away from one cyberattack because a new one appears on the scene, they must continuously expand and improve upon their cybersecurity controls to be better prepared for the next one, while defending against the currently popular ones.

SOES19_blog_footer.jpg

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

Matthew Gardiner

by Matthew Gardiner

Director of Enterprise Security Campaigns

Posted Jun 19, 2019

You may also like:

The Rising Tide of Cyber Awareness Training in Today’s Enterprise

Adoption is rising, but is it happening …

Adoption is rising, but is it happening fast enough? Here&r… Read More >

Michael Madon

by Michael Madon

SVP & GM of Mimecast Security Awareness

Posted Jun 11, 2019

Real Examples of Threats Missed by Email Security Systems

A new view of the Mimecast Email Securit…

A new view of the Mimecast Email Security Risk Assessment. … Read More >

Matthew Gardiner

by Matthew Gardiner

Director of Enterprise Security Campaigns

Posted Jun 03, 2019

Is Dynamic Analysis Enough to Stop Evasive Malware Attacks?

Malware authors are evolving as quickly …

Malware authors are evolving as quickly as the AV and securi… Read More >

Meni Farjon

by Meni Farjon

Chief Scientist for Advanced Threat Detection

Posted May 14, 2019