While businesses are getting to grips with threats such as ransomware and business email compromises, we have already begun to see a new threat impacting on the connected business world, and that threat is cryptojacking. Cryptocurrency mining is almost the new gold rush, and to effectively mine and make money from cryptocurrencies requires huge investments in computing power and electricity. So why spend money on your own systems and power when you can simply steal them from someone else?
With cryptojacking, cybercriminals infect your systems with malware that effectively steal processing time and capacity from your computer, and pool it with thousands of other computers that they control to do distributed cryptocurrency mining. Most organisations will not even be aware that they have in fact been compromised and that their assets and electricity use are making someone else rich. Most people won’t even notice anything is wrong as the cryptojackers are subtle, except maybe their computers are a bit noisier.
But the reality is that these attacks significantly increase power consumption by infected computers as the processors work constantly and harder to compute all the extra cryptographic calculations needed for crypto-currency mining. While this may seem insignificant, when one actually calculates what the extra costs can be for an average organisation, the extra costs can run into the tens of thousands of rands. Not only that, but the increased strain on the processors also reduce their lifespan, meaning that you will have to replace computers sooner, all with an additional cost to you.
So, what can you do to avoid becoming a victim of cryptojacking?
· Make sure all your users are aware of the problem and constantly make them aware not to click on links or open attachments in emails that are suspicious.
· Run an ongoing cybersecurity awareness
· Ensure your systems are constantly up to date and patched.
· Get your IT departments to have a baseline for their systems that they can constantly check against for anomalies.
· Have dedicated cybersecurity resources on staff or partner with a dedicated cybersecurity partner.
Until next issue, stay safe, and remember that you can trust, but always verify.
Jason Jordaan | Principal Forensic Analyst | DFIRLABS (Pty) Ltd
@DFS_JasonJ | [email protected]