Do You Have a Plan for Preventing Cryptojacking?
Organizations must prepare for and defend against hackers mining cryptocurrencies on their networks.
Bitcoin is celebrating its 10th anniversary amid a flurry of attention from investors, entrepreneurs and cybersecurity professionals. As the most popular among thousands of cryptocurrencies, bitcoin has captured the interest of investors seeking to profit from the digital currency’s ability to provide secure, anonymous transactions over the internet.
Unfortunately, cybercriminals also have taken a keen interest in cryptocurrencies, and organizations must be prepared to defend themselves from the devious tactics that hackers have devised to get rich at their expense.
What Is Cryptocurrency Mining?
There are many parallels between cryptocurrencies and traditional currencies, but one major difference lies in how they are created. Traditional currencies use paper bank notes that are issued by a government to represent units of value. Cryptocurrencies not only don’t have a physical representation, they also don’t have a centralized authority to issue them. Instead, people around the world use their computers to mine cryptocurrencies. This mining activity uses massive amounts of computing power to solve difficult math problems. When someone successfully solves one of those problems before thousands of other people competing to solve the same problem, they are rewarded with a new unit of cryptocurrency.
Cryptocurrency mining is now an industry unto itself. Entrepreneurs are building massive data centers with specialized hardware designed to mine these currencies in a cost-effective manner, seeking to gain a profit as the price of bitcoin and other currencies rises. Considering hardware, data center space and electricity, the costs are high — but so are the potential returns.
The Rise of Cryptomining Malware
As with any money-making opportunity, criminals have also discovered the financial opportunity presented by bitcoin, and they’ve sought out opportunities to mine cryptocurrencies without incurring the expensive startup costs of a legitimate mining business. Instead, they seek to steal computing time from other businesses and use it for mining. This type of focused attack is known as cryptojacking.
Attackers also often compromise popular websites and infect them with scripts that perform mining. The difference in this case is that they’re not using the computing power of the website itself but, instead, are farming out the work in tiny slices to unsuspecting users who visit the website.
3 Steps for Thwarting Cryptojackers
If you’re concerned about the risk that cryptojacking poses to your organization, I have three recommendations that you can implement immediately:
- Update your organization’s acceptable-use policies to prohibit the use of company resources for cryptocurrency mining. This provides IT staff with unequivocal permission to investigate and remove any mining activity they discover.
- Implement strong security monitoring systems. If your cybersecurity program doesn’t already include robust intrusion detection capability, now’s the time to update those controls. Cryptocurrency mining uses telltale patterns of network activity, and it’s easy to detect if you’re watching for it.
- Respond quickly to signs of a cryptojacking attack. If attackers are able to mine cryptocurrency on your network, they’re likely also engaging in other malicious activity. Activate your incident response process as soon as you detect a possible intrusion, and bring in outside help, if necessary.
Cryptojacking is growing in popularity and is quickly becoming one of the most common security issues I see affecting CDW customers. Taking a few preventive steps now can hamper attackers who try to steal your computing resources.
This blog post brought to you by:
