IBM security expert gives tips for protecting personal data from new threats

IBM just revealed its annual index of the biggest cyber security risks of 2018.  The report also documented what companies and consumers can do to protect themselves.

Continue Reading Below

TickerSecurityLastChangeChange %

One of the trends outlined in the index is a shift to “cryptojacking” or “cryptomining,” according to Caleb Barlow, Vice President of Threat Intelligence at IBM Security.

“The big surprise this year is, we’re seeing a drop in ransomware, down 45 percent over the course of the year,” Barlow told FOX Business’ Maria Bartiromo on Thursday. “But the bad guys are pivoting to cryptomining, where they’re actually leveraging the horsepower, the CPU power on your machine to mine cryptocurrencies  --that was up over 450 percent  this year.”

Barlow added that the continuing source of revenue makes cryptomining more attractive than other attacks. 

“They’re business people like anyone else who will come on your show, and what they’re realizing is it’s time to move to a more subscription-based model,” he said. “So ransomware is once and done.  You infiltrate a machine, you hope you get paid.  But if you move to cryptomining -- cryptojacking, you know, now you’ve got the opportunity to get a reoccurring revenue stream as that victim machine keeps processing those cryptomining for you.”

Barlow also offered tips to hardware and information secure.

“I think the biggest thing we all need to recognize is, like everything, practice good password hygiene, have security tools installed on your equipment,” he said. “But also, if you happen to notice that some piece of equipment, maybe a server, maybe a workstation, or maybe something else connected to the Internet, is going extremely slow, there’s a new thing you need to check and maybe you’ve been hijacked by a bad guy that’s using that as a platform for cryptojacking.”


Barlow added that “2-factor authentication is absolutely critical.”

“I cannot underscore enough how important two-step authentication is,” he said. “I have a machine downstairs in the building I’m in now that we use for cracking passwords.  We can crack a 12-character password in a matter of minutes.”