Businesses Are Increasingly Falling Victim to a New Cyber Scheme Known as Cryptojacking…
Businesses around the world are increasingly falling victim to cryptojacking – a new cyber scheme where criminals hijack central processing unit (CPU) power from unsuspecting computer users to mine cryptocurrencies. The rapid evolution of cyber threats highlights the importance of regularly updating your company’s cybersecurity and data protection protocols.
Cryptojacking is the latest scheme involving malware spread via fake online advertisements. When a user clicks on the ad, it executes malicious code that allows the attackers to mine cryptocurrency via the user’s browser. More sophisticated attacks can infiltrate vulnerable systems that simply display the illegitimate ad without any involvement by the user.
Some websites allow browser-based cryptomining as a means of generating income. Unlike cybercriminals, legitimate websites use a small percentage of the computer’s resources to run mining code in the background, but only if visitors provide consent. Conversely, hackers use far more aggressive techniques and circumvent security features to remain undetected for as long as possible.
Earlier this year, cryptojacking surpassed ransomware as the number one type of attack on the internet, according to Akouto. The Canadian cybersecurity firm’s servers tracked a 3,500 percent spike in attempted intrusions in March of 2018.
“March was an incredibly active month for the combined malvertising-cryptojacking attack,” said Akouto founder Dominic Chorafakis. “Starting on March 7th, our central monitoring servers recorded a spike in attacks being blocked by managed Intrusion Prevention systems on customer networks,” Chorafakis continued. “The attempts were detected at virtually every site at a rate that was 3500% higher than the months prior. Reports in April showed a decrease in activity but still averaged 700% higher than the first two months of 2018.”
While cybercriminals may not steal data, cryptojacking can result in a loss of productivity for business because it slows systems, makes them use more energy, and may even render them unresponsive. Devices infected with the malware may also suffer from an increase in application crashes and may stop working completely.
Cyber Vigilance Is Essential
Staying on top of cyber threats is increasingly important, as both regulators and customers are holding companies more accountable for lapses in security. In New York, the Department of Financial Services continues to roll out its cybersecurity regulations.
As discussed in greater detail in prior articles, the regulations require that financial service companies “establish and maintain a cybersecurity program designed to ensure the confidentiality, integrity and availability of the Covered Entity’s Information Systems.” The cybersecurity requirements further mandate that covered entities implement cybersecurity policies that are tailored to their unique risks and needs.
Of particular note, entities subject to the DFS regulations must appoint a chief information security officer to implement and enforce the policies. Other requirements under the regulation include: adopting policies and procedures designed to ensure the security of information systems and nonpublic information accessible to, or held by, third-parties; requiring multi-factor authentication for individuals accessing internal systems who have privileged access or to support functions including remote access; drafting an incident response plan to recover from any cybersecurity event; and conducting annual penetration testing and vulnerability assessments. This February, new annual certification requirements took effect under which a board member or senior officer at all regulated entities must certify annually that the company is in compliance with the DFS cybersecurity requirements.
In New Jersey, Attorney General Gurbir S. Grewal recently announced the creation of a new civil enforcement unit, known as the Data Privacy & Cybersecurity (DPC) Section. The new DPC Section will be housed within the Division of Law’s Affirmative Civil Enforcement Practice Group and will be tasked with enforcing laws that protect New Jersey residents’ data privacy and cybersecurity by bringing affirmative civil actions against violators. Among other priorities, the DPC Section will assume responsibility for the Office’s ongoing investigation into Facebook’s transfer of personal information to Cambridge Analytica. According to Facebook, approximately 1.6 million users in New Jersey were impacted.
In addition to enhanced regulatory scrutiny, businesses also face increased reputational harm in the wake of a cyberattack. Customers now expect companies to have robust data security procedures in place and assign blame when they fall short. Given the risks, businesses should consider taking steps to mitigate the risk of cryptojacking, such as reviewing software patch policies, analyzing website security, and implementing security programs that can block access to crypto mining scripts.
One Big Beautiful Bill: New Overtime Tax Rules Employers and Employees Need to Know
Part 1 – Overtime Pay and Income Tax Treatment Overview This Firm Insights post summarizes one provision of the “One Big Beautiful Bill” related to the tax treatment of overtime compensation and related employer wage reporting obligations. Overtime Pay and Employee Tax Treatment The Fair Labor Standards Act (FLSA) generally requires that overtime be paid […]
New York’s FAIR Business Practices Act: What the New Consumer Protection Measure Means for Your Business
In 2025, New York enacted one of the most consequential updates to its consumer protection framework in decades. The Fostering Affordability and Integrity through Reasonable Business Practices Act (FAIR Act) significantly expands the scope and strength of New York’s long-standing consumer protection statute, General Business Law § 349, and alters the compliance landscape for New York […]
How to Reduce Legal Risk as Your New Jersey Business Grows in 2026
For many New Jersey businesses, growth is a primary objective for the New Year. However, it is important to recognize that growth involves both opportunity and risk. For example, business expansion often results in complex contracts, an increased workforce, new regulatory requirements, and heightened exposure to disputes. Without proactive planning, even routine growth can lead […]
Crypto Investor Protection: SEC and CFTC Enforcement Trends
Crypto investor protection continues to evolve, with the SEC and CFTC investing resources and coordinating more closely to uphold regulatory standards. Whether you’re a retail investor, an institutional trader, or part of a crypto startup, understanding enforcement trends is essential for navigating this dynamic and high-stakes regulatory environment. Crypto Is No Longer the Wild West […]
New Jersey’s Next Manufacturing Tax Credit: Stability Secured, Timing Matters
A Settled Regulatory Environment Enables Confident Capital Planning New Jersey’s new manufacturing incentive program, Next New Jersey Manufacturing Program, enters 2026 with something uncommon in economic development these days: policy stability. The statute is enacted, New Jersey Economic Development Authority’s (“NJEDA”) rules are adopted, and the application portal is open. With the election outcome settled, […]
When done successfully, industry roll-up acquisitions can dramatically grow and strengthen your business. In this post, we break down what an industry roll-up is, why companies pursue it, and what makes it an effective (and sometimes risky) business strategy. What Is an Industry Roll-Up Acquisition? In an industry roll-up acquisition of companies, a buyer acquires multiple companies […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
