You slip behind your desk, set down your coffee, and boot up your computer. With 15 minutes to spare before you’re on the clock, you fire up your web browser and check the morning headlines. A few stories catch your eye, you click, you read. After getting caught up with the world, you minimize your browser window and begin the day’s work. But your computer seems to be running too slowly. Normally you don’t have a problem even with more windows and programs open than you have now. What’s going on? Cryptojacking is what’s happening…the latest cyber crime blazing through internet browsers.
In its most basic definition, cryptojacking is the unauthorized usurping of CPU capacity to perform clandestine cryptocurrency mining. Ok. But to fully grasp the concept of the violation, we must first understand “cryptocurrency mining.” Here’s a brief lesson…
Cryptocurrency Mining 101:
Cryptocurrencies are virtual mediums of exchange – digital money. The method uses blockchain – an online, non-editable, decentralized transaction ledger – and a technique called cryptography to transform information into uncrackable codes for securing and tracking transactions. Each transaction is essentially a new block in the chain. When a new block is established, complex mathematical equations are used to verify the transaction. This is “cryptocurrency mining.” Those who perform these calculations for payment in cryptocurrency are called “miners.”
It’s a highly competitive arena, but it’s easy money…if one can afford the specialized software and immense computing power, and thus energy costs, necessary to conduct such operations. Enter cryptojacking. Because processing power and speed are what drives success in the miner’s game, some less-honorable participants have found a way to remotely hijack other people’s or businesses’ computer processors to bolster their own computing capabilities. And all they need is an open browser.
How do they do it?
And that’s the ease of the scheme. Find a highly trafficked site or popular video and you’ve got mining power, particularly with so many Internet of Things (IoT) devices lacking stout security and offering an “always on” environment. There have been reports of damaged Android phones resulting from cryptojacking incidents that fatally overheated the devices. Some cryptocurrencies, such as Bitcoin (BTC), do require hearty, specifically built hardware, called ASICs, or Graphics Processing Units (GPUs), to mine. But other currencies, such as Monero, just need sufficient CPU power.
Money is Where Your Megahertz Are
However, some crypto-criminals are going big and turning to quality over quantity – they’re targeting robust enterprise super-computers. In early 2018, cryptojackers hit the electric automobile manufacturer Tesla. An investigation revealed that a weakness within an administration console allowed the unscrupulous players to access Tesla’s Amazon Web Services environment, sponging powerful CPU power. The cryptojackers also hit Gemalto, an international digital security firm, and Aviva, a British insurance company, with the same MO.
Jacking It Up
Some reports indicate that cryptocurrency attacks follow the fluctuating value of cryptocurrencies – if they drop, so do the incidents. Yet the June 2018 McAfee Labs Threats Report indicated that the “count of total coin miner malware rose by 629% in Q1, to more than 2.9 million samples.” [1] The report also stated that cryptojacking is “simpler, more straightforward, and less risky” than other flavors of cyber crime, such as ransomware and data theft.
Cryptojacking, generally speaking, can be viewed as a less malicious transgression than data theft or ransomware. The most anyone loses is computing power. But for any business, big or small, loss of processing power could have devastating effects on production, services, and customer communication if it hit hard enough. Though this threat is not actually stealing other people’s property or money, organizations must do what they can to thwart any attempts.
The Jack Down
Here are some tips to keep cryptojacking from infiltrating your business.
- Protect server credentials by forgoing passwords and choosing an encrypted SSH key pair
- Conduct updates immediately and patch known vulnerabilities
- Scan your network and servers for foreign processes and questionably excessive power consumption
- Blacklist identified mining sites – Opera, Chrome, and Firefox have a “No Coins” extension that blocks miner scripts
- Employ adblockers (but they’re finding detours around these)
- Remove compromised browser extensions
- Watch for: unexplained peaks in CPU usage; device overheating; sluggish computer response and internet browsing
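One way to apply the "scan for foreign processes" and "watch for unexplained peaks in CPU usage" tips, as an added example that is not part of the original article: the Python below flags processes that hold CPU above a threshold across consecutive samples, so a single short spike is ignored, and marks those not on an allowlist. The sample data, allowlist, thresholds and function names are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: one-minute snapshots of "time pid command cpu%",
# in the shape of periodically collected `ps -eo pid,comm,pcpu` output.
SAMPLES = """\
09:00 412 sshd 0.3
09:00 1890 nginx 12.0
09:00 7731 kworker-upd 96.5
09:01 412 sshd 0.2
09:01 1890 nginx 88.0
09:01 7731 kworker-upd 97.1
09:02 412 sshd 0.4
09:02 1890 nginx 9.5
09:02 7731 kworker-upd 95.8
09:03 1890 nginx 11.0
09:03 7731 kworker-upd 98.0
"""
ALLOWLIST = {"sshd", "nginx"}  # assumption: processes expected on this host
CPU_THRESHOLD = 80.0           # assumption: percent of one core
MIN_CONSECUTIVE = 3            # assumption: samples in a row above threshold

def parse_samples(text):
    """Return (time, pid, command, cpu) tuples, skipping malformed lines."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            ts, pid, comm, cpu = parts
            rows.append((ts, int(pid), comm, float(cpu)))
    return rows

def find_suspects(rows, allowlist=ALLOWLIST, threshold=CPU_THRESHOLD,
                  min_run=MIN_CONSECUTIVE):
    """Flag processes whose CPU stays at or above threshold for min_run samples."""
    timestamps = sorted({r[0] for r in rows})
    by_proc = defaultdict(dict)
    for ts, pid, comm, cpu in rows:
        by_proc[(pid, comm)][ts] = cpu
    findings = []
    for (pid, comm), series in by_proc.items():
        run = best = 0
        for ts in timestamps:
            # A sample where the process is absent counts as idle and breaks the run.
            run = run + 1 if series.get(ts, 0.0) >= threshold else 0
            best = max(best, run)
        if best >= min_run:
            findings.append({"pid": pid, "command": comm,
                             "longest_run": best, "foreign": comm not in allowlist})
    return findings

if __name__ == "__main__":
    for f in find_suspects(parse_samples(SAMPLES)):
        print(f)
```
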
1. What is Cryptojacking?, Blocks Decoded, 2018
Written by Angie Longacre
As a writer for Assurance Software, Angie devotes her craft to promoting business continuity and disaster recovery awareness, and trumpeting Assurance Software’s invaluable benefits for both. When she’s not commanding the keyboard, you can find her outside for a run, searching for her next antique treasure, or lost in a good book.