ITAlthough cryptojacking remains a threat to all businesses, small and medium-sized businesses (SMBs) are most frequently targeted – with small businesses accounting for one-third of cryptomining traffic and med-sized accounting for one half. As a result, unsuspecting organizations can spend hundreds of thousands of dollars in an attempt to restore operations.
As a small to mid-sized business owner, here’s what you need to know:
Experts define cryptojacking as the unauthorized use of someone else’s computer to mine cryptocurrency. Cybercriminals install miner programs on one or several devices with an aim to profit on cryptocurrency mining without incurring the costs associated with hardware or electricity (in short, it uses your machines and electricity to process cryptocurrency transactions).
Cryptojacking typically occurs in one of two ways: phishing attacks and web browser miners. In the first instance, hackers will send unsuspecting employees an authentic-looking email encouraging them to click on a malicious link or downloadable attachment. From here, the cryptomining script is secretly loaded onto the victim’s computer.
See: 5 Best Practices for Protecting Company Email
The second method involves the injection of the cryptomining script on a website or ad that appears on multiple sites. The script is then automatically executed, although in this case, no code is stored on the employee’s computer.
In both scenarios, the script runs off the target’s computer, sending results to the cybercriminal’s server.
While larger corporations are also frequent targets for cryptojacking, SMBs are more susceptible due to restricted IT budgets and undertrained staff (in cybersecurity).
Other factors that make SMBs more vulnerable include:
Often, many businesses do not address technology related issues until they happen.
According to a survey performed by Forbes, small business priorities for 2022 are centered around customer experience, diversity and inclusion, and finding better talent. 80% of small businesses are already using cloud solutions or plan to in the next year.
Yet we still see that 47% of small businesses with less that 50 employees that do not dedicate any budget to cyber security.
To avoid issues like cryptojacking, it's important to remain proactive on how you manage your technology and IT budget for things like maintenance and upgrades to your infrastructure.
Here's a concept that can't die fast enough: Cybersecurity as an 'IT department' issue.
Did you know that 88% of data breaches are caused by human error?
Your employees are the most common weak link for cybersecurity related issues, so why treat things as if a special group of people should be the only ones responsible for it?
Creating a company culture of responsibility around network security and cybersecurity in general should become a must-have for every business, no matter what industry.
It can mean the difference between having your devices cryptojacked or worse.
Not sure where to start in modernizing your security policies? Try reading the guide we put together a guide outlining 9 IT Security Policies Every Business Should Have.
IT personnel can still come in all shapes and sizes - you may have a single person in your business that "knows computers", or you may already work with an IT partner or department of some type.
... and they still may have shortcomings - not all IT companies, specialists, or consultants are created equal.
Cryptojacking is a real threat that can easily affect businesses of any size, but more often than not, small businesses are the biggest target. Do you know if your IT personnel is capable of handling this sort of threat?
If you're not sure how to get started, or can't afford to employ full time IT staff members; managed IT services from a managed service provider could be an effective way to take a leap forward making your business more proactive with technology.
BONUS: If you're already working with an IT company, you may want to see what their capabilities are - we created a free guide for you to download: 27 Questions To Help You Find The Best IT Provider.
Unlike ransomware and other forms of malware that tend to make themselves more evident, cryptojacking can be challenging to identify.
Here’s what to watch out for:
In the case of cryptojacking, the best defence is a good offence. In addition to employing a preventative, risk-based approach to your SMB’s IT security needs, be sure to apply the following tactics:
Take a proactive approach to protecting your SMB with the help of GAM Tech’s Free IT Audit. Learn more about our affordable, fully comprehensive managed IT services by booking your Free Consultation today.
Related:
Sources: Securitynow.com, Cisco.com, Kapersky.com, Norton.com, Csoonline.com