According to the 2022 SonicWall’s Cyber Threat Report, global cryptojacking volume rose to 66.7 million attacks in 2022, up 30% over the first half of 2021. Cryptojacking refers to a cybercrime where the attacker gains access to the victim’s computer or mobile device’s computing power and uses this for cryptocurrency mining without the knowledge and authorisation of the victim.
Cybercriminals are shifting away from high-profile crimes in preference to lower-risk crimes. Cryptojacking is one such avenue that cybercriminals are exploring. Cryptojackers do not need to communicate with their victims to receive ransom payouts, nor do they need to engage crypto exchanges to cash out the proceeds of crypto hacks. Cryptojacking also makes it harder to identify the source of the attack.
Following the crackdown by law enforcement agencies on crypto scams and hacking, cybercriminals are changing their mode of attack and looking for new targets. The SonicWall report states, “After governments stepped up ransomware awareness and enforcement efforts, and ransomware attacks such as those against Colonial Pipeline and Kaseya led to high-profile busts, some ransomware operators have decided they’re ready for a quieter life”.
SonicWall recorded 45.1 million attacks in Q1 2022, whilst the volume of attacks recorded in Q2 2022 was 21.6 million. As per the report, the three industries most affected by cryptojacking, namely government, healthcare and education, saw attack volumes drop by.78%, 87% and 96%, respectively. However, cryptojacking targeting the retail industry increased 63% year-to-date, while attacks on the financial sector skyrocketed 269%.
The report further pointed out that: “the average percentage of customers targeted by cryptojacking in the first half of 2022 was down over the same period in 2021. And every industry saw a Q2 with fewer customers targeted than Q1, and a June that ended in a better place than January started”.
This could signify that efforts in combating cryptojacking are beginning to pay off. There is likely to be a shift by cyber criminals to alternative and less conspicuous modes of cyber attacks. As awareness against cybercrime grows, businesses will continuously invest in infrastructure and processes to improve their security posture.