Research Hub > Do You Have a Plan for Preventing Cryptojacking?

October 01, 2019

Article
3 min

Do You Have a Plan for Preventing Cryptojacking?

Organizations must prepare for and defend against hackers mining cryptocurrencies on their networks.

Victor Marchetto Victor Marchetto
GettyImages-976952094hero

Bitcoin is celebrating its 10th anniversary amid a flurry of attention from investors, entrepreneurs and cybersecurity professionals. As the most popular among thousands of cryptocurrencies, bitcoin has captured the interest of investors seeking to profit from the digital currency’s ability to provide secure, anonymous transactions over the internet.

Unfortunately, cybercriminals also have taken a keen interest in cryptocurrencies, and organizations must be prepared to defend themselves from the devious tactics that hackers have devised to get rich at their expense.

What Is Cryptocurrency Mining?

There are many parallels between cryptocurrencies and traditional currencies, but one major difference lies in how they are created. Traditional currencies use paper bank notes that are issued by a government to represent units of value. Cryptocurrencies not only don’t have a physical representation, they also don’t have a centralized authority to issue them. Instead, people around the world use their computers to mine cryptocurrencies. This mining activity uses massive amounts of computing power to solve difficult math problems. When someone successfully solves one of those problems before thousands of other people competing to solve the same problem, they are rewarded with a new unit of cryptocurrency.

Cryptocurrency mining is now an industry unto itself. Entrepreneurs are building massive data centers with specialized hardware designed to mine these currencies in a cost-effective manner, seeking to gain a profit as the price of bitcoin and other currencies rises. Considering hardware, data center space and electricity, the costs are high — but so are the potential returns.

The Rise of Cryptomining Malware

As with any money-making opportunity, criminals have also discovered the financial opportunity presented by bitcoin, and they’ve sought out opportunities to mine cryptocurrencies without incurring the expensive startup costs of a legitimate mining business. Instead, they seek to steal computing time from other businesses and use it for mining. This type of focused attack is known as cryptojacking.

Cryptojacking attacks commonly begin with the use of traditional malware. If attackers can infect a system with malicious code that allows them to take control of the host’s operating system, they can then use that computer to solve the difficult math problems of cryptocurrency mining. They also recognize that if they were to take complete control of a device and use all of its power for mining, their activity would be quickly detected. Instead, they siphon off small amounts of computing power when it is not needed for other purposes. This approach seeks to fly under the radar, avoiding detection by not causing problems.

Attackers also often compromise popular websites and infect them with scripts that perform mining. The difference in this case is that they’re not using the computing power of the website itself but, instead, are farming out the work in tiny slices to unsuspecting users who visit the website.

3 Steps for Thwarting Cryptojackers

If you’re concerned about the risk that cryptojacking poses to your organization, I have three recommendations that you can implement immediately:

  1. Update your organization’s acceptable-use policies to prohibit the use of company resources for cryptocurrency mining. This provides IT staff with unequivocal permission to investigate and remove any mining activity they discover.
  2. Implement strong security monitoring systems. If your cybersecurity program doesn’t already include robust intrusion detection capability, now’s the time to update those controls. Cryptocurrency mining uses telltale patterns of network activity, and it’s easy to detect if you’re watching for it.
  3. Respond quickly to signs of a cryptojacking attack. If attackers are able to mine cryptocurrency on your network, they’re likely also engaging in other malicious activity. Activate your incident response process as soon as you detect a possible intrusion, and bring in outside help, if necessary.

Cryptojacking is growing in popularity and is quickly becoming one of the most common security issues I see affecting CDW customers. Taking a few preventive steps now can hamper attackers who try to steal your computing resources.

Want to learn more about how CDW’s solutions and services can help you protect your organization from cryptojacking and other dangerous cyberattacks? Visit CDW.com/security

This blog post brought to you by: