Cyber Security Alert: Cryptojacking
There is a new threat in the cyber security realm, cryptojacking. It siphons off precious computing power while lurking undetected for long periods of time. It may already exist in your network. It is important for cybersecurity professionals to understand this new threat and how to stop it.
What is Crytpojacking?
Crypto currency has increased in use, popularity, and value. This has led cybercriminals to devise new methods of attaining it, and hence cryptojacking. This involves installing a crypto currency mining script on computers or networks, then using part of the CPU’s computing power to mine. Mining, in the crypto currency world, means lending computing power to verify transactions across the network which crypto currency transactions are processed. Miners then receive a small portion of the crypto currency as a reward for helping verify the transactions. It’s like paying a bank fees for transactions except in the crypto world, there are no banks, so miners and owners of certain cryptocurrencies share in the fees through activities such as mining (proof of work) or staking (proof of stake)
The process for accomplishing this malicious act is so simple that is bringing more cybercriminals out of the woodwork. Cyptojacking is accomplished by luring an employee to click on a link for an update to a common program or by visiting a website that has an auto install script embedded. These procedures take very little effort to set up. Innocent websites often play host to these undetected cybercriminal parasites.
Unfortunately many cryptojacking perpetrators will never be prosecuted, which makes it even more attractive. No data is stolen or tampered with therefore the drive to go after these criminals is not as great as it may be with other cybercrimes. The cyber thieves also tend to gravitate towards privacy coins, which are virtually untraceable. This adds to the lack of desire to prosecute as the results are not likely to be proportional to the effort.
Cryptokacking costs companies precious resources. Computer systems they have in place are designed to perform optimally for their tasks at hand. Computers infected with crytojacking script will slow down and may eventually stop. Many companies will find themselves replacing computers and parts of their network before discovering the real issue. The time and effort expended by the tech support and cybersecurity staff to discover and address cryptojacking is costly even if identified efficiently.
What to do:
It’s important to go on the offensive in order to stop cryptojacking. One important step is to install web browser extensions that combat cryptomining. Also ensure that your web browser’s stay up to date as the latest security features will heighten security. Monitor your network for curious activity such as unidentified servers coming online at odd hours. Keep cybersecurity and tech support staff up to date on the latest cryptojacking tactics and programs as it is constantly evolving.
There was a time when cybercriminal where after data and tangible assets. Now that cryptokacking has come onto the scene, everything has changed. Even the lightest change in a networks’ performance can mean something malicious is underway. As cybersecurity professionals, it is important to stay on the cutting edge of cryptojacking in order to combat and stop cybercriminals from infiltrating a company’s systems.
For more interesting articles on cyber security check out the resources at Careers in Cybersecurity.