We're sorry but your browser is not supported by Marsh.com.au

For the best experience, please upgrade to a supported browser:



Mining for Virtual Gold: Understanding the Threat of Cryptojacking


Cyber criminals have mastered a new way to attack businesses:  through cryptojacking, one of the fastest growing types of cyber-attacks, criminals can siphon an organisation’s computing power to mine cryptocurrency, opening the door to new sources of illicit revenue at the company’s expense.

What is Cryptojacking?

Thousands of cryptocurrencies or “coins” exist today – some, such as Bitcoin, serve as a digital currency with considerable monetary value.  Creating certain cryptocurrencies requires the completion of a complex cryptographic puzzle, a process known as cryptomining. A growing number of miners are now simply stealing or “hijacking” the necessary computing power to complete those puzzles from unsuspecting consumers and businesses.

What is the Risk?

Some companies represent particularly strong targets for cryptojacking. These include critical infrastructure companies who consume significant amounts of power; companies that rely heavily on cloud services; and users of Internet of Things devices, which allow miners to quickly amass armies of hijacked devices to mine cryptocurrency at scale.

Cryptojacking can impair performance of infected computer systems, leading to sluggish or crashing computers or overheating of central processing units.  And, over time, this can have real financial consequences, as businesses incur costs for higher energy consumption or cloud usage; sooner-than-planned hardware replacement; or additional IT support to address system performance issues.  Companies that transfer cryptomining software to unsuspecting third parties have also become the subject of litigation and regulatory scrutiny. 

Can Cyber Insurance Help?

Cyber insurance may cover cryptojacking-related losses, such as control system disruption or loss of sensitive information.  Cyber insurance may also help cover costs for investigations of cryptojacking events and forensic accounting services for claims preparation.

Whether cyber insurance responds will depend upon the specific policy terms and conditions.  Marsh can help our clients review cyber insurance coverage provisions to determine policy response to cryptojacking losses, and to ensure that policies include appropriate claim triggers and loss definitions to capture all possible scenarios.

Download the PDF to learn more.

Marsh Pty Ltd (ABN 86 004 651 512, AFSL 238983) (“Marsh”) arrange this insurance and is not the insurer. The Discretionary Trust Arrangement is issued by the Trustee, JLT Group Services Pty Ltd (ABN 26 004 485 214, AFSL 417964) (“JGS”). JGS is part of the Marsh group of companies. Any advice in relation to the Discretionary Trust Arrangement is provided by JLT Risk Solutions Pty Ltd (ABN 69 009 098 864, AFSL 226827) which is a related entity of Marsh. The cover provided by the Discretionary Trust Arrangement is subject to the Trustee’s discretion and/or the relevant policy terms, conditions and exclusions. This website contains general information, does not take into account your individual objectives, financial situation or needs and may not suit your personal circumstances. For full details of the terms, conditions and limitations of the covers and before making any decision about whether to acquire a product, refer to the specific policy wordings and/or Product Disclosure Statements available from JLT Risk Solutions on request. Full information can be found in the JLT Risk Solutions Financial Services Guide.