There are a few things that you should look for in the future of cryptomining, as well. These kinds of attacks will increase or decrease, depending on the price of certain coins. So, if we see a giant spike in the price of Monero, we'll see more attackers move in that direction. If the price drops and it goes to zero, we won't see people mining those coins anymore, and we might see people falling back to using ransomware.
Another thing to look out for is much more targeted cryptomining attacks. This is actually an interesting one for people who have a lot of infrastructure in the cloud. If you have a whole bunch of systems in AWS, and you have keys that allow you to spin up new instances, attackers are already looking to steal those keys [and] spin up instances inside one cloud or another that are simply there to mine currency. They'll spin them up for a while, they'll cost you a whole bunch of money in your cloud provider, and they'll make a lot of money based off those coins.
The third thing that I think you should keep an eye out for is the potential for an insider threat of cryptomining. And this isn't something that a lot of people have thought about, but oftentimes, an administrator who has access to a lot of systems might think, hey, I can make a little bit of money by using some of the free CPU time on all these systems overnight when people aren't at work, and I can mine some coins.
This is something that we saw a lot back in the early days of bitcoin. It's likely we're going to see a lot of administrators going down that road, thinking they're not really causing any harm, but they might be making a lot of money. So, look at your power consumption across all your systems. If you're suddenly seeing much higher CPU usage and increased power, you might have cryptomining happening inside your network.