Cryptojacking: The Silent, but Insidious Security Threat
The rise of bitcoin and the imminent release of Facebook’s Libra have taken cryptocurrency — a mere idea a decade ago — mainstream. As these new payment and money management methods gain momentum among financial institutions and their customers, hackers have leveraged security vulnerabilities to exploit this new financial landscape.
Of particular concern is the stealthy yet devastating threat of cryptojacking. The threat materializes when a user visits an infected website and malicious actors instantly start running a piece of JavaScript code that surreptitiously turns the user’s web browser into a cryptocurrency mining machine, without the user's knowledge.
Cryptojacking is dangerous for a few reasons. Users' computers not only get infected with malware, but also the attack can lead to groups of computers being turned into botnets to mine cryptocurrency. Additionally, these cryptojacking attacks drain a computer’s CPU resources and waste energy. And hackers may be able to move from simpel cryptomining to more malicious activity.
As cryptocurrencies become more popular, businesses need to take steps to guard against cryptojacking attacks.
MORE FROM BIZTECH: Update your cybersecurity response plan before an attack occurs.
Why Cryptojacking Is the Next Big Security Threat
The most well-known form of cryptocurrency is bitcoin, but several others, such as Litecoin, Ethereum and Zcash, were designed to compete with bitcoin. This financial market is purely digital; no physical coins exist.
Instead, cryptocurrencies use a technology called blockchain, which “is essentially a database that contains a record of all of the transactions that have taken place on it,” Lifewire explains. Blockchain has no centralized network location, making it harder to be hacked. While the entire cryptocurrency ecosystem is protected by this decentralization, an individual user’s computer isn’t.
Ayse Kaya Firat, head of customer insights and analytics at Cisco Cloud Security, says that hackers come into play when they want to do cryptomining at scale to get cryptocurrency. “To be able to do that, you need enormous computing power,” she says. “They hijack unmonitored computing resources, from small businesses to large enterprises. They can actually use IoT devices, personal electronics, a home computer, anything they want, to be able to leverage that power.”
The attacks are distributed across a wide range of machines and use a small percentage of the computing power of each machine, making the attacks difficult to detect. Cryptojacking can earn hackers about 30 cents per machine, per day, which might not seem like a lot of money. “But when you add it up it becomes a big revenue business for them,” Firat says.
How to Protect Against Cryptojacking
According to the Internet Society’s Online Trust Alliance “Cyber Incident and Breach Trends Report,” which cited data from Trend Micro, the number of cryptojacking incidents more than tripled between 2017 and 2018 to more than 1.3 million instances.
The report notes that, according to Malwarebytes, web-based cryptojacking has decreased recently, but the attacks have “morphed into hijacking everything from Android phones through malicious apps to entire organization networks.”
Businesses should guard against cryptojacking attacks by following many of the basic cybersecurity protocols that can help defend against any other cyberattack.
"Use unique passwords and multi-factor authentication, monitor for anomalous activity on the network, be sure any software installed on a device comes from a reputable source and that the software is fully patched," the report advises.
Brian Roddy, vice president and general manager of Cisco Cloud Security, says it is difficult to determine if machines are being hacked for cryptomining. Energy bills might go up or IT admins might notice that their machines are behaving differently, but it can be very challenging to root out cryptomining without knowing the specific signatures of the attacks. So, he says, businesses need to use security software to understand the network signatures the cryptojacking programs send out.