By Chris Goettl, Security Evangelistat Ivanti
The financial sector has been reluctant to get fully behind cryptocurrencies, but while it might have experienced something akin to a crash from its peak of close to $20,000 on December 17th2017, Bitcoin (and other cyrptocurrencies) are still hot commodities. Now sat at a little over $6,000, many have cooled off their interest in cryptocurrencies and that volatility has done little to convince banks that their customers should be able to use their credit cards to invest.However, there are still a large number of people who see an opportunity to profit, but a small portion of those interested aren’t looking to invest or mine for the currency themselves; they only want to steal it.
The practice known as cryptojacking sees malicious actors run cryptocurrency-mining software in the background of a user’s computer without their permission or knowledge. Cryptojacking has quickly become the preferred method of attack for hackers, with a recent report claiming that there has been a “massive shift from ransomware to cryptomining”, with the newer tactic accounting for 35 percent of threats. The vast majority of these attacks will mine for a currency called Monero, which, like others, uses a public ledger but the difference is that Monero’s is obfuscated to the point where no one can tell its source, amount or destination. That obfuscation speaks again to the financial sector’s reticence on making any definitive statements about cryptocurrencies. While blockchain-based currencies have the potential to reduce organised fraud, they are currently largely unregulated, with the UK’s Treasury Committee recently describing the crypto-landscape as a ‘Wild West’.
It’s worth noting that cryptojacking is an entirely new form of financial crime. Unlike a bank robbery or printing counterfeit money, the currency being generated is not what is being stolen. It is the computer time that is being stolen. The cost for common processors to generate crytocurrency is now costlier than the amount of currency generated. So, in this case the threat actor is walking away with the information needed to allow them to claim the next block in the chain and you get stuck with the power bill which was more than the currency generated.In effect, anybody with a computer can mine for cryptocurrency though to make any significant amount of money requires investment in expensive components purpose built for cryptopmining or to transfer that cost to unwitting users, which is what cryptojackers are exploiting.
There are two forms of cryptojacking that both work towards the same end: using a system’s power to mine for currencies. The first form, cryptojacking malware, works in a similar way to other malware variants. Hackers will sneak cryptocurrency miners into software which then runs in a computer’s background processing. This form largely preys upon vectors like out-of-date applications and operating systems, like Windows XP. One large scale crypto hacking attack saw malware inserted into vulnerable versions of the popular Jenkins X platform and hackers pocketed an estimated $3.4 million.
The second variant called ‘drive-by’ cryptojacking does not require the installation of any software or applications and can be carried out on any device using a web browser. These attacks take place when web pages infected with a mining script are open on a user’s device. The website will then mine for cryptocurrency using the device without the user’s knowledge or consent. Millions of Android users experienced this in early 2018. Many devices browsing the web found themselves forcefully redirected to a page that claimed: “Your device is showing suspicious surfing behaviour. Please prove that you are human by solving the captcha.” Until the particular code was entered, the phone or tablet was mining for the Monero cryptocurrency at the maximum speed of the CPU. With an average time of four minutes spent on the page per user, each user probably only generated fractions of pennies but it all adds up. The hackers didn’t quite earn the same amount of money as the previous example(reportedly ‘a few thousand dollars a month’), but that is still money being earned through cryptojacking, and costs are being passed onto users.
Cryptojacking should have an obvious effect on a device, from overactive fans and a fast-draining battery to uncharacteristic sluggishness in use. These symptoms, while being obvious to someone who is alert to the issue, are easy to go undetected particularly if the devices are still operational. Users tend to only go to the IT help desk in the event that their device stops working altogether. An affected device will not only perform operationally worse, but there is a higher risk of that device ceasing to work altogether. Cryptomining pushes components to their maximum capacity, which if left for too long can break the individual part, or in worst case scenarios the overheating could destroy a device entirely or cause a fire.
On top of the costs of having to potentially replace devices and employees being slowed down, is the added energy bill. For example, the electric cost of cryptojacking (Coinhive in this case) on an average desktop computer was 1.212kWh of electricity over the space of 24 hours.According to the Energy Savings Trust, the average cost of electricity in the UK per kWh is 14.37p, so this would cost 17.42p per day, or £5.22 per month. With potentially thousands of computers affected within a company that could add up to a massive energy bill.
There is no one easy solution to prevent cryptojacking; both administrators and users need to do their bit. Organisations need to carefully monitor and check the devices that are on their networks and when using third party tools they should put protections into place and not link directly to source codes. Businesses also should adopt a layered approach to cybersecurity that reduces attack surfaces, detects attacks that do get through, and helps cybersecurity professionals to take rapid action to contain malicious activity and software vulnerabilities.
From a user perspective, staff should be encouraged to employ best cyber practices. This includes not downloading files from suspicious website or opening attachments from unrecognised email addresses. Users can also protect themselves by employing browser plug-ins that block attempts from websites trying to hijack their PCs.
It should also be noted that the volatility of cryptocurrency itself might end up being the cure for cryptojacking. As mentioned above, Bitcoin (along with other altcoins) have seen their value plummet over the past year. If cryptojacking can no longer prove to be profitable because the investment in the tools required is not matched by the reward, then it may well be the markets that solve the issue.
But while that volatility is out of the control of businesses, what they can do is shore up their infrastructure. Cryptojacking is the latest popular tool of hackers, but with the right mind-set and solution it is easily preventable by keeping applications and operating systems up-to-date. By investing in cybersecurity technology and training for users, organisations can defend against cryptominers and deter them from attacking their systems. And maybe with these systems in place, the financial sector can truly start to see the positives in blockchain-based currencies.
UK might need negative rates if recovery disappoints – BoE’s Vlieghe
By David Milliken and William Schomberg
LONDON (Reuters) – The Bank of England might need to cut interest rates below zero later this year or in 2022 if a recovery in the economy disappoints, especially if there is persistent unemployment, policymaker Gertjan Vlieghe said on Friday.
Vlieghe said he thought the likeliest scenario was that the economy would recover strongly as forecast by the central bank earlier this month, meaning a further loosening of monetary policy would not be needed.
Data published on Friday suggested the economy had stabilised after a new COVID-19 lockdown hit retailers last month, while businesses and consumers are hopeful a fast vaccination campaign will spur a recovery.
Vlieghe said in a speech published by the BoE that there was a risk of lasting job market weakness hurting wages and prices.
“In such a scenario, I judge more monetary stimulus would be appropriate, and I would favour a negative Bank Rate as the tool to implement the stimulus,” he said.
“The time to implement it would be whenever the data, or the balance of risks around it, suggest that the recovery is falling short of fully eliminating economic slack, which might be later this year or into next year,” he added.
Vlieghe’s comments are similar to those of fellow policymaker Michael Saunders, who said on Thursday negative rates could be the BoE’s best tool in future.
Earlier this month the BoE gave British financial institutions six months to get ready for the possible introduction of negative interest rates, though it stressed that no decision had been taken on whether to implement them.
Investors saw the move as reducing the likelihood of the BoE following other central banks and adopting negative rates.
Some senior BoE policymakers, such as Deputy Governor Dave Ramsden, believe that adding to the central bank’s 875 billion pounds ($1.22 trillion) of government bond purchases remains the best way of boosting the economy if needed.
Vlieghe underscored the scale of the hit to Britain’s economy and said it was clear the country was not experiencing a V-shaped recovery, adding it was more like “something between a swoosh-shaped recovery and a W-shaped recovery.”
“I want to emphasise how far we still have to travel in this recovery,” he said, adding that it was “highly uncertain” how much of the pent-up savings amassed by households during the lockdowns would be spent.
By contrast, last week the BoE’s chief economist, Andy Haldane, likened the economy to a “coiled spring.”
Vlieghe also warned against raising interest rates if the economy appeared to be outperforming expectations.
“It is perfectly possible that we have a short period of pent up demand, after which demand eases back again,” he said.
Higher interest rates were unlikely to be appropriate until 2023 or 2024, he said.
($1 = 0.7146 pounds)
(Reporting by David Milliken; Editing by William Schomberg)
UK economy shows signs of stabilisation after new lockdown hit
By William Schomberg and David Milliken
LONDON (Reuters) – Britain’s economy has stabilised after a new COVID-19 lockdown last month hit retailers, and business and consumers are hopeful the vaccination campaign will spur a recovery, data showed on Friday.
The IHS Markit/CIPS flash composite Purchasing Managers’ Index, a survey of businesses, suggested the economy was barely shrinking in the first half of February as companies adjusted to the latest restrictions.
A separate survey of households showed consumers at their most confident since the pandemic began.
Britain’s economy had its biggest slump in 300 years in 2020, when it contracted by 10%, and will shrink by 4% in the first three months of 2021, the Bank of England predicts.
The central bank expects a strong subsequent recovery because of the COVID-19 vaccination programme – though policymaker Gertjan Vlieghe said in a speech on Friday that the BoE could need to cut interest rates below zero later this year if unemployment stayed high.
Prime Minister Boris Johnson is due on Monday to announce the next steps in England’s lockdown but has said any easing of restrictions will be gradual.
Official data for January underscored the impact of the latest lockdown on retailers.
Retail sales volumes slumped by 8.2% from December, a much bigger fall than the 2.5% decrease forecast in a Reuters poll of economists, and the second largest on record.
“The only good thing about the current lockdown is that it’s no way near as bad for the economy as the first one,” Paul Dales, an economist at Capital Economics, said.
The smaller fall in retail sales than last April’s 18% plunge reflected growth in online shopping.
BORROWING SURGE SLOWED IN JANUARY
There was some better news for finance minister Rishi Sunak as he prepares to announce Britain’s next annual budget on March 3.
Though public sector borrowing of 8.8 billion pounds ($12.3 billion) was the first January deficit in a decade, it was much less than the 24.5 billion pounds forecast in a Reuters poll.
That took borrowing since the start of the financial year in April to 270.6 billion pounds, reflecting a surge in spending and tax cuts ordered by Sunak.
The figure does not count losses on government-backed loans which could add 30 billion pounds to the shortfall this year, but the deficit is likely to be smaller than official forecasts, the Institute for Fiscal Studies think tank said.
Sunak is expected to extend a costly wage subsidy programme, at least for the hardest-hit sectors, but he said the time for a reckoning would come.
“It’s right that once our economy begins to recover, we should look to return the public finances to a more sustainable footing and I’ll always be honest with the British people about how we will do this,” he said.
Some economists expect higher taxes sooner rather than later.
“Big tax rises eventually will have to be announced, with 2022 likely to be the worst year, so that they will be far from voters’ minds by the time of the next general election in May 2024,” Samuel Tombs, at Pantheon Macroeconomics, said.
Public debt rose to 2.115 trillion pounds, or 97.9% of gross domestic product – a percentage not seen since the early 1960s.
The PMI survey and a separate measure of manufacturing from the Confederation of British Industry, showing factory orders suffering the smallest hit in a year, gave Sunak some cause for optimism.
IHS Markit’s chief business economist, Chris Williamson, said the improvement in business expectations suggested the economy was “poised for recovery.”
However the PMI survey showed factory output in February grew at its slowest rate in nine months. Many firms reported extra costs and disruption to supply chains from new post-Brexit barriers to trade with the European Union since Jan. 1.
Vlieghe warned against over-interpreting any early signs of growth. “It is perfectly possible that we have a short period of pent up demand, after which demand eases back again,” he said.
“We are experiencing something between a swoosh-shaped recovery and a W-shaped recovery. We are clearly not experiencing a V-shaped recovery.”
($1 = 0.7160 pounds)
(Editing by Angus MacSwan and Timothy Heritage)
Oil extends losses as Texas prepares to ramp up output
By Devika Krishna Kumar
NEW YORK (Reuters) – Oil prices fell for a second day on Friday, retreating further from recent highs as Texas energy companies began preparations to restart oil and gas fields shuttered by freezing weather.
Brent crude futures were down 33 cents, or 0.5%, at $63.60 a barrel by 11:06 a.m. (1606 GMT) U.S. West Texas Intermediate (WTI) crude futures fell 60 cents, or 1%, to $59.92.
This week, both benchmarks had climbed to the highest in more than a year.
“Price pullback thus far appears corrective and is slight within the context of this month’s major upside price acceleration,” said Jim Ritterbusch, president of Ritterbusch and Associates.
Unusually cold weather in Texas and the Plains states curtailed up to 4 million barrels per day (bpd) of crude production and 21 billion cubic feet of natural gas, analysts estimated.
Texas refiners halted about a fifth of the nation’s oil processing amid power outages and severe cold.
Companies were expected to prepare for production restarts on Friday as electric power and water services slowly resume, sources said.
“While much of the selling relates to a gradual resumption of power in the Gulf coast region ahead of a significant temperature warmup, the magnitude of this week’s loss of supply may require further discounting given much uncertainty regarding the extent and possible duration of lost output,” Ritterbusch said.
Oil fell despite a surprise drop in U.S. crude stockpiles in the week to Feb. 12, before the big freeze. Inventories fell by 7.3 million barrels to 461.8 million barrels, their lowest since March, the Energy Information Administration reported on Thursday. [EIA/S]
The United States on Thursday said it was ready to talk to Iran about returning to a 2015 agreement that aimed to prevent Tehran from acquiring nuclear weapons. Still, analysts did not expect near-term reversal of sanctions on Iran that were imposed by the previous U.S. administration.
“This breakthrough increases the probability that we may see Iran returning to the oil market soon, although there is much to be discussed and a new deal will not be a carbon-copy of the 2015 nuclear deal,” said StoneX analyst Kevin Solomon.
(Additional reporting by Ahmad Ghaddar in London and Roslan Khasawneh in Singapore and Sonali Paul in Melbourne; Editing by Jason Neely, David Goodman and David Gregorio)
UK might need negative rates if recovery disappoints – BoE’s Vlieghe
By David Milliken and William Schomberg LONDON (Reuters) – The Bank of England might need to cut interest rates below...
UK economy shows signs of stabilisation after new lockdown hit
By William Schomberg and David Milliken LONDON (Reuters) – Britain’s economy has stabilised after a new COVID-19 lockdown last month...
Dollar extends decline as risk appetite favors equities
By Stephen Culp NEW YORK (Reuters) – The dollar lost ground on Friday, extending Thursday’s decline as improved risk appetite...
Bitcoin hits $1 trillion market cap, soars to another record high
By Gertrude Chavez-Dreyfuss and Tom Wilson NEW YORK/LONDON (Reuters) – Bitcoin touched a market capitalization of $1 trillion as it...
Shares rise as cyclical stocks provide support; yields climb
By Saqib Iqbal Ahmed NEW YORK (Reuters) – A gauge of global equity markets snapped a 3-day losing streak to...
Battling Covid collateral damage, Renault says 2021 will be volatile
By Gilles Guillaume PARIS (Reuters) – Renault said on Friday it is still fighting the lingering effects of the COVID-19...
Portable Oxygen Concentrators Market to Register 7.8% CAGR Through 2026; Sales to Surge as Oxygen Therapy Becomes Crucial in Covid-19 Treatments
Portable oxygen concentrator manufacturers are largely concerned with the maintenance of inventories throughout the coronavirus crisis, with optimization of supply...
Cancer Supportive Care Products Market to Reach US$ 32 Bn by 2030; Sales Limited by Complications for Cancer Patients Through Covid-19 Infections
The cancer supportive care products market is anticipated to reach a valuation of US$ 32 billion by 2030. The industry is expected...
Bronchoscopes Sales to Rise 1.5x Between 2018 and 2028; Potential Covid-19 Diagnostic Applications to Generate Lucrative Growth Opportunities
Bronchoscope manufacturers remain focused on development initiatives to improve product functionality and accuracy for higher adoption amid healthcare facilities. The bronchoscopes...
US$ 1.1 Bn Hypoparathyroidism Treatment Market Still in Infancy
Mushrooming incidences of thyroid cancer have amplified the number of thoracic surgeries, thus stimulating growth of hypoparathyroidism treatment market. Future...