Most of us are well aware of ransomware and how prolific of an attack vector it has become. Attacks such as SamSam, WannaCry, NotPetya, Petya and others have resulted in significant economic damage to their victims, either through ransom payments or the associated downtime. Ransomware can arrive in many forms including phishing email attachments, embedded in malicious website downloads (“drive-by downloading”), a web link that automatically downloads the ransomware when clicked or being infected through a standard hacking attack.
Executive SummaryCryptojacking attacks come with no demands for ransom, but even though individuals and companies who are victims aren't directly impacted by attempts to use their devices to mine virtual currencies, insurers should be mindful of possible risks. Here, One Beacon Technology's Tusar Nandwana explains the attacks, the potential of insurable claims and offers advice to lower the possibility of being a victim.
Now imagine being on the receiving end of a similar attack—but there is no request for a ransom. In fact, you are likely unaware that you have been attacked by malware as there has been no data theft, damage to your computers or extortion. Instead, malware is uploaded to your system simply to steal your computing power to mine a variety of virtual currencies. These cyber attacks are known as “cryptojacking,” where cybercriminals steal computing power from unsuspecting sources so they can use it to mine difficult-to-track virtual currencies such as Monero and ZCash.