Singapore Sees 300% Yearly Spike in Q1 Cryptojacking Attacks Amid COVID-19
Data published by Russian cybersecurity firm Kaspersky indicates that Singapore has seen a significant increase in the prevalence of attempted cryptojacking attacks during the first quarter of 2020.
Kaspersky estimates that 11,700 attacks were attempted on devices located in Singapore from January until March — up from 2,900 as of the first Q1 2019.
Kaspersky asserted that the spike in attacks is the highest percentage increase posted within the South-East Asian region.
Cryptojacking attacks up three-fold in Singapore
In an interview with Straits Times, Kaspersky’s general manager for South-East Asia, Yeo Siang Tiong, described Singapore’s high-performance internet infrastructure as attracting the operations of malicious cyber actors.
“Cyber criminals use various means to install miner programs on other people's computers, preferably in bulk, and take all of the profit from cryptocurrency mining without incurring any of the equipment or electricity costs," said Tiong.
Tiong asserts that the increasing difficulty of mining incentivizes cryptojackers seeking to command a botnet network rather than targeting individual devices, stating:
“It is now no longer profitable to mine cryptocurrency using one's own equipment and electricity. It is better to resort to hijacking other resources for the mining of cryptocurrency.”
Coronavirus creates new opportunities for hackers
The cybersecurity head at law firm Eversheds Harry Elias, K.K. Lim, attributed the recent increase in cryptojacking attacks to large numbers of individuals working from home, or WFH, amid the COVID-19 pandemic creating lots of low-hanging fruit for attackers.
“We can definitely say that WFH increases the opportunity just like phishing, because some WFH home computers may not update their security updates as it is a general computer used by everyone," said Lim.
“Practising good basic cyber hygiene like not clicking on unknown links in email, going to official government, commercial and legitimate websites for news and other information, having updated end-point security and constant training for corporates are some effective ways to avoid these crypto miners,” Lim added.
In April, security firm Acronis echoed the assertions of Eversheds and Kaspersky, estimating that the later weeks of March saw a dramatic spike in the number of crypto mining attacks targeting consumers.