Up until a few years ago one of the biggest security threats on the internet was ransomware. Everyone had a horror story about someone’s computer getting infected and having to pay huge sums of money to regain access to their files.
The newest threat on the internet is cryptojacking. Unlike ransomware it is so stealthy you might not even know your computer has been infected.
What Is Cryptojacking?
Cryptojacking refers to the unauthorized use of someone else’s computing resources to mine cryptocurrencies. Once your machine is infected with malware it begins to mine cryptocurrencies, generating funds for the person or people who initiated the attack. In order to mine cryptocurrencies the malware diverts some of your computer’s computing power and uses some of your electricity to run the process.
Most attackers are smart enough to not completely siphon off all of your computing power, since this would significantly slow down your machine and draw attention to their activities. Instead of concentrating their efforts on a few computers they target as many as they possibly can, and trick each computer into diverting a small fraction of its processing power to their cryptocurrency mining efforts. This will result in each computer only seen a small dip in performance, something most users are unlikely to notice. Since the malware does its best to remain unobtrusive most users won’t notice it is there at all, and will let it continue its mining undisturbed.
Why Do Criminals Use Cryptojacking?
Cryptojacking has become so popular because it is low risk and guarantees a 100% payout since the criminals are cutting humans out of the equation entirely. With ransomware criminals had to demand payment from users in order to gain anything, whereas with cryptojacking they can just trick the computer into generating money for them.
Cryptojacking is also incredibly lucrative, since it is easy to infect a lot of machines and set each one up as part of a larger cryptocurrency mining operation. Even if a few users notice, and have the technical savvy to remove the malware, there are still likely thousands of other infected computers that continue to generate cryptocurrencies.
The main reason cryptojacking is so lucrative and low risk is that it relies on our apathy. Whereas a ransomware demand forced users to act cryptojacking works, by design, to avoid letting us know it is even there. By remaining undetected as long as possible it can continue to siphon off your computing resources and create more and more money.
Why Should I Be Concerned?
It might not seem like a big deal if someone is using only a tiny bit of your computer’s processing power and a little bit of electricity to mine fractions of a penny’s worth of cryptocurrencies, but it is. If criminals can use your computer to do any task it means they already have access to your data, and just because they are being unobtrusive doesn’t mean they are being harmless.
Now that the cyber criminals have already gained access to your machine they can potentially access sensitive data, or hijack your computer or entire network of computers to do whatever they want. If you notice cryptojacking malware on your computer it also means you are likely still vulnerable, and even if your current “guests” decide not to kill their cash cow that doesn’t mean someone else won’t come along and exploit the same vulnerabilities for more nefarious purposes.
What Can I Do To Keep People From Using My Infrastructure To Mine Cryptocurrencies?
There are a few policies you can implement at your company to keep your machines safe from cryptojacking. These include:
- Scanning all uploads from unmanaged and remote devices for malware
- Scanning all downloads from unsanctioned cloud applications or unsanctioned instances of cloud applications for malware
- Blocking or quarantining any devices that you detect malware on
- Blocking unsanctioned instances of well known or sanctioned cloud apps. This may be a bit restrictive, but it will significantly improve your security.
You can also talk to a cybersecurity company such as VirtualArmour. VirtualArmour can help you create and implement anti-cryptojacking security policies, as well as monitor your computers and other devices for malware. Cybercriminals are nimble, they are always looking for a new vulnerability to exploit. Staying on top of their latest tactics, and being able to employ the newest security tactics, is integral to keeping your network safe.
