Original Post from SC Magazine
Author: Doug Olenick
The term “cyber breach” brings to mind customer data
strewn across the internet, social security numbers permeating the dark web and
major news headlines. While these types of far-reaching incidents are the most
likely to generate concern for consumers and organizations, a recent study
from the Internet Society’s Online Trust Alliance has flagged a new, growing
risk that often lurks undetected in the background.
Cryptojacking is an emerging threat that parallels
the rise of cryptocurrency, but has flown largely under the radar, both in
terms of general public knowledge and awareness on the victim side. However,
based on data from various industry sources, cryptojacking attacks have more
than tripled since 2017, creating new concern about the rise in these types of
incidents. And though cryptojacking waned in late 2018 as cryptocurrency prices
fell, it has made a resurgence in 2019 along with the rising cryptocurrency
Unlike phishing or ransomware attacks, cryptojacking
runs nearly silently in the background of the victim’s computer or device. It
involves installing malware on a device connected to the internet, which can be
anything from a phone, to a gaming console, to a router, to an organization’s
servers. Once installed, the hacker can then use the devices’ computing power
to “mine” cryptocurrency without the user’s knowledge.
Given the large amount of processing power it takes
to successfully mine cryptocurrency, the goal of any cryptojacking operation is
to hijack enough devices so that their processing power can be pooled. This is
achieved by hijacking vast numbers of devices, but only using small amounts of
each individual device’s processing power, so the user is not likely to notice
their device is being hijacked. Conceptually similar to a botnet, attackers then
network these hijacked devices together to mine cryptocurrency.
Explaining the Spike
So why the recent spike in such passive attacks?
While cryptojacking may have been low on the hacker priority list in the past,
the rise in the value of cryptocurrency means it’s now a lucrative way for
hackers to make money quickly. Moreover, unlike phishing or malware, which
gives access to data that then must be infiltrated or sold, cryptojacking
provides a direct path to actual tangible ‘cash’ without the second step. The
evolution in the legitimacy of cryptocurrency, with institutions like JP Morgan
Chase and Facebook getting into the game, means that cryptocurrency is now more
openly accepted, versus being a type of mystical vaporware used only by the
In addition, the continued improvement in encryption
technologies and privacy and security measures may mean that hacking in a
traditional, invasive way is becoming more challenging for cyber criminals.
Cryptojacking provides a lucrative payout without actually touching any
sensitive or protected owner data. Also, because of its silent nature, it may allow
for a prolonged payout for these criminals, who can infiltrate and then stay resident
on a device without being detected for long periods of time.
The Impact on Organizations
Risks associated with cryptojacking don’t appear to
be as blatant or far-reaching as other types of cyber incidents, at least at first.
In fact, the majority of victims may never realize that their machines are
being utilized for nefarious purposes. The signs that your devices may have
been infected are notoriously hard to detect, because often the software is not
malware in the traditional sense but rather legitimate crypto mining code
illicitly installed, and thus not flagged by security scans.
Sudden slowing of your device or a rise in
complaints across-company about computer performance may be a sign that there
is an issue. Yet while a decline in computing performance can be a costly issue
for larger corporations (and certainly amount to annoyance and lost
productivity for the individual), the real risk comes from the door that is
opened on your devices when a cryptojacking hack occurs. At the end of the day,
cryptojacking is just another form of attack, and thus similar to other
breaches in that a criminal has gained illicit access to the target
device. Once the device has been
compromised, other breaches are far more likely to occur.
Attacks in the Future
individuals looking to protect themselves from cryptojacking need to ensure
their security standards are high and that they are taking every step to
protect themselves against all types of cyber incidents. Make sure everyone on
your network is using unique passwords and multi-factor authentication.
Continuously monitor for anomalous activity on the network, be sure any
software installed on a device comes from a reputable source and that the
software is fully patched.
By being diligent
on all security fronts, most cryptojacking attacks can be avoided or remedied
after the fact. The rise in cryptojacking incidents is a good reminder that
everyone who isn’t following key security and privacy best practices is at risk
for this type of attack, or worse. Practicing proactive and ongoing protection
measures is the only way to minimize the risks and protect against
Go to Source
Author: Doug Olenick