Scarinci Hollenbeck, LLC, LLCScarinci Hollenbeck, LLC, LLC

Firm Insights

Could Your New Jersey or New York Business Fall Victim to Cryptojacking?

Author: Scarinci Hollenbeck, LLC

Date: June 20, 2018

Key Contacts

Back

Businesses Are Increasingly Falling Victim to a New Cyber Scheme Known as Cryptojacking…

Businesses around the world are increasingly falling victim to cryptojacking – a new cyber scheme where criminals hijack central processing unit (CPU) power from unsuspecting computer users to mine cryptocurrencies. The rapid evolution of cyber threats highlights the importance of regularly updating your company’s cybersecurity and data protection protocols.

Could Your Business Fall Victim to Cryptojacking?
Photo courtesy of NeONBRAND (Unsplash.com)

Cryptojacking Poses Growing Threat

Cryptojacking is the latest scheme involving malware spread via fake online advertisements. When a user clicks on the ad, it executes malicious code that allows the attackers to mine cryptocurrency via the user’s browser. More sophisticated attacks can infiltrate vulnerable systems that simply display the illegitimate ad without any involvement by the user.

Some websites allow browser-based cryptomining as a means of generating income. Unlike cybercriminals, legitimate websites use a small percentage of the computer’s resources to run mining code in the background, but only if visitors provide consent. Conversely, hackers use far more aggressive techniques and circumvent security features to remain undetected for as long as possible.

Earlier this year, cryptojacking surpassed ransomware as the number one type of attack on the internet, according to Akouto. The Canadian cybersecurity firm’s servers tracked a 3,500 percent spike in attempted intrusions in March of 2018.

“March was an incredibly active month for the combined malvertising-cryptojacking attack,” said Akouto founder Dominic Chorafakis. “Starting on March 7th, our central monitoring servers recorded a spike in attacks being blocked by managed Intrusion Prevention systems on customer networks,” Chorafakis continued. “The attempts were detected at virtually every site at a rate that was 3500% higher than the months prior. Reports in April showed a decrease in activity but still averaged 700% higher than the first two months of 2018.”

While cybercriminals may not steal data, cryptojacking can result in a loss of productivity for business because it slows systems, makes them use more energy, and may even render them unresponsive. Devices infected with the malware may also suffer from an increase in application crashes and may stop working completely.

Cyber Vigilance Is Essential

Staying on top of cyber threats is increasingly important, as both regulators and customers are holding companies more accountable for lapses in security. In New York, the Department of Financial Services continues to roll out its cybersecurity regulations.

As discussed in greater detail in prior articles, the regulations require that financial service companies “establish and maintain a cybersecurity program designed to ensure the confidentiality, integrity and availability of the Covered Entity’s Information Systems.” The cybersecurity requirements further mandate that covered entities implement cybersecurity policies that are tailored to their unique risks and needs.

Of particular note, entities subject to the DFS regulations must appoint a chief information security officer to implement and enforce the policies. Other requirements under the regulation include: adopting policies and procedures designed to ensure the security of information systems and nonpublic information accessible to, or held by, third-parties; requiring multi-factor authentication for individuals accessing internal systems who have privileged access or to support functions including remote access; drafting an incident response plan to recover from any cybersecurity event; and conducting annual penetration testing and vulnerability assessments. This February, new annual certification requirements took effect under which a board member or senior officer at all regulated entities must certify annually that the company is in compliance with the DFS cybersecurity requirements. 

In New Jersey, Attorney General Gurbir S. Grewal recently announced the creation of a new civil enforcement unit, known as the Data Privacy & Cybersecurity (DPC) Section. The new DPC Section will be housed within the Division of Law’s Affirmative Civil Enforcement Practice Group and will be tasked with enforcing laws that protect New Jersey residents’ data privacy and cybersecurity by bringing affirmative civil actions against violators.  Among other priorities, the DPC Section will assume responsibility for the Office’s ongoing investigation into Facebook’s transfer of personal information to Cambridge Analytica. According to Facebook, approximately 1.6 million users in New Jersey were impacted.

In addition to enhanced regulatory scrutiny, businesses also face increased reputational harm in the wake of a cyberattack. Customers now expect companies to have robust data security procedures in place and assign blame when they fall short. Given the risks, businesses should consider taking steps to mitigate the risk of cryptojacking, such as reviewing software patch policies, analyzing website security, and implementing security programs that can block access to crypto mining scripts. 

No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.

Scarinci Hollenbeck, LLC, LLC

Related Posts

See all
Common Causes of Partnership Disputes and How to Resolve Them post image

Common Causes of Partnership Disputes and How to Resolve Them

Business partnerships, much like marriages, function exceptionally well when partners are aligned but can become challenging when disagreements arise. Partnership disputes often stem from conflicts over business strategy, financial management, and unclear role definitions among partners. Understanding Business Partnership Conflicts Partnership conflicts place significant stress on businesses, making proactive measures essential. Partnerships should establish detailed […]

Author: Christopher D. Warren

Link to post with title - "Common Causes of Partnership Disputes and How to Resolve Them"
President Trump's Termination of Member Gwynne Wilcox post image

President Trump's Termination of Member Gwynne Wilcox

On January 28, 2025, the Trump Administration terminated Gwynne Wilcox from her position as a Member of the National Labor Relations Board (NLRB or the Board). Gwynne Wilcox, a union side lawyer for Levy Ratner, was confirmed to the Board for an original term in 2021 and confirmed again for a successive five-year term expiring […]

Author: Matthew F. Mimnaugh

Link to post with title - "President Trump's Termination of Member Gwynne Wilcox"
How to Dissolve a Corporation in New Jersey: A Step-by-Step Guide post image

How to Dissolve a Corporation in New Jersey: A Step-by-Step Guide

Closing your business can be a difficult and challenging task. For corporations, the process includes formal approval of the dissolution, winding up operations, resolving tax liabilities, and filing all required paperwork. Whether you need to understand how to dissolve a corporation in New York or New Jersey, it’s imperative to take all of the proper […]

Author: Christopher D. Warren

Link to post with title - "How to Dissolve a Corporation in New Jersey: A Step-by-Step Guide"
Gross Lease vs. Net Lease: Understanding the Key Differences post image

Gross Lease vs. Net Lease: Understanding the Key Differences

Commercial leases can take a variety of forms, which is often confusing for both landlords and tenants. Understanding the different types, especially the gross lease structure, is important when selecting the lease that best suits your needs. One key distinction between lease types is how rent is calculated and paid. This article addresses the two […]

Author: Robert L. Baker, Jr.

Link to post with title - "Gross Lease vs. Net Lease: Understanding the Key Differences"

No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.

Sign up to get the latest from our attorneys!

Explore What Matters Most to You.

Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.

Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.

Let`s get in touch!

* The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form.

Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!

Please select a category(s) below: