UK National Cyber Security Centre Lists Cryptojacking As “Significant” Threat

  • The UK's National Cyber Security Centre revealed cryptojacking is a cause for concern, and that it may become a legitimate source of income for website owners.
  • Cryptojacking has been growing in popularity among cybercriminals, and may affect a growing number of people in the next few years.

According to a report published by the UK’s National Cyber Security Centre (NCSC) this week, cryptojacking will be categorised as a form of cybercrime in the UK, as it is now seen as a “significant” cybersecurity concern. Per the organization, it’s likely going to “become a regular source of income for website owners.”

Cryptojacking essentially sees cybercriminals use other people’s computer resources to mine cryptocurrencies. Often, criminals mine privacy-centric cryptocurrencies like Monero (XMR), both to avoid detection and maximize profits mining with CPUs.

In the NCSC's comprehensive report, activities like cryptojacking, the use of cryptocurrency within targeted cybercrime, and ransomware were added as cause for concern. Unlike conventional currencies, cryptocurrencies like Monero offer anonymity to their users, cutting off potential trails leading to the criminals’ arrest.

Cryptojacking On The Rise

According to the report, cryptojacking cases have been increasing in number since 2016. Research conducted in December 2017 showed that 55% of businesses across the world have been infiltrated by cybercriminals looking to use their systems to mine.

By 2018/19, it's believed that cryptojacking will expand and affect a fast-growing number of people and businesses across the world. The report goes on to demonstrate that there are already 600 websites operating in the UK using visitor CPU resources to mine cryptocurrencies. The document reads:

"The technique of delivering cryptocurrency miners through malware has been used for several years, but it is likely in 2018-19 that one of the main threats will be a newer technique of mining cryptocurrency which exploits visitors to a website."

NCSC report

The report further notes that when being cryptojacked, users may only notice a “slight slowdown in performance,” meaning some cases go undetected. Although most cases involve cybercriminals using people’s resources without their consent, some websites ask for user consent as an alternative to showing ads.

The NCSC, at the end of the report, advised users to protect themselves with ad blockers and anti-malware programs that block cryptojacking scripts. A few browsers, including Opera and Brave, have built-in tools that block cryptocurrency miners.

Cybercrime in the UK has increased over the past few years; from WannaCry to present, with a growing number of crimes taking place in the UK. According to the Office of National Statistics, the volume of cybercrime has risen by 63% compared to last year.

The monetary cost of the rising cybercrime attacks has provoked action; the cabinet office reported that, without countermeasures, cybercrime would cost British businesses and taxpayers up to £27 billion (~$38 billion) annually.

Weekly Newsletter

Electronic Frontier Foundation Protecting Former Kraken Employees in Exchange Lawsuit

  • The Electronic Frontier Foundation (EFF) has filed a motion to quash crypto exchange Kraken's attempt to reveal the identity of anonymous former employees posting on workplace review site Glassdoor.
  • Kraken argues that employees are violating the terms of their severance contract. 

The Electronic Frontier Foundation (EFF) has announced that it will be protecting former Kraken employees from being targeted by the exchange over reviews they left.

The EFF, a non-profit organization defending civil liberties in the digital world, has asked a state court to protect the identity of anonymous commenter on workplace review site Glassdoor, who is now reportedly being targeted by their former employer Kraken. 

According to a post published Wednesday, the EFF has filed a motion to strike down a subpoena for identifying information on the anonymous client, which was originally put forth by cryptocurrency exchange Kraken. Kraken has filed a suit against multiple anonymous reviewers, seeking to identify the former employees based upon a claim of a breach in severance agreements. 

The EFF says multiple anonymous comments were made to Glassdoor about the exchange Kraken following a series of layoffs. The EFF client referenced in the post, monikered as “J. Doe,” originally wrote a review of the workplace, taking care not to breach their severance agreement with the exchange. 

While Kraken initially responded to the review by thanking the anonymous client for their feedback, the company made an abrupt change in course in May 2019. The EFF claims that Kraken filed a lawsuit against J. Doe and nine other defendants, citing a breach in contracts. The exchange also reached out to former employees and demanded they delete any workplace reviews. 

EFF Staff Attorney Aaron Mackey said, 

This litigation is designed to harass and silence current and former Kraken employees for speaking about their experiences at the company.

He continued, 

Kraken’s efforts to unmask and sue its former employees discourages everyone from talking about their work and demonstrates why California courts must robustly protect anonymous speakers’ First Amendment rights.

In the motion filed Tuesday, EFF asked the Superior Court in Marin County, California, to adopt stronger legal protection for its clients and other anonymous speakers, who require more than “a mere allegation of illegal activity” before allowing the breach in anonymity. 

EFF Frank Stanton Legal Fellow Naomi Gilens said, 

Kraken cannot show that Doe’s review was defamatory or otherwise unprotected by the Constitution, so it instead seeks to leverage its contract claims to identify, and potentially retaliate against, Doe.

She concluded, 

Given Kraken’s tactics, we are asking the court to embrace stronger First Amendment protections for Doe and anyone else who is targeted for speaking out.

Featured Image Credit: Photo via Pixabay.com