Your network of computers, servers and connected devices plays a crucial role in making your business money. It could also be slowly destroying itself while making money for somebody outside your company and you might not know until it’s too late.
Malicious cryptocurrency mining, or cryptojacking, is supplanting headline-grabbing ransomware attacks as the en vogue way for cybercriminals to cash in – and the criminals won’t even give you the courtesy of letting you know they’re taking advantage of your systems.
While ransomware attacks like WannaCry, Fox and Ryuk hijack your data and demand payments to release it, cryptojacking covertly harvests your hardware’s processing power to create valuable cryptocurrency.
Let’s take a look at how cryptocurrencies are produced, how cryptojacking affects your systems and how you can prevent it.
What are Cryptocurrencies?
You might have heard of cryptocurrencies like bitcoin and ethereum when the value of these digital currencies was flying high and making headlines in late 2017. In fact, bitcoin is a common form of payment cybercriminals request during ransomware attacks.
In simple terms, a cryptocurrency is a form of digital money that is decentralized, is largely anonymous and lacks government oversight. These currencies are mostly produced by computers solving complex mathematical problems, a process known as mining. When a problem is successfully solved, the owner is rewarded with several digital coins.
What is Cryptojacking?
The computer processing power, system cooling and electricity required to successfully mine can be very expensive. That’s why cybercriminals have turned to using relatively cheap mining software to harness the power of systems they don’t actually own. Unlike ransomware, this venture keeps them out of the spotlight.
There are two popular methods of cryptojacking. The one that first gained notoriety was using website scripts to passively harvest the processing power of site visitors’ systems. The websites that used this tactic aimed to replace advertising revenue with cryptomining, but they rarely asked for user permission (understandably, victims were not happy).
The more malicious method is deploying a form of malware that can end up on any PC, mobile smartphone, business server or Internet of Things (IoT) device. Using traditional malware and phishing tactics, hackers stealthily inject a cryptojacking script into your system when you click a malicious link or download a bad email attachment. Much like the website method, the malware then begins hijacking system processes for the purpose of mining.
Though the value of cryptocurrencies has fallen since the peak in late 2017, cryptojacking can still be very lucrative, even when hackers target low-power devices like home smart lights. It’s all about scale. Targeting one connected device might make a hacker a couple pounds a day, but hijacking thousands of devices across the country can turn that figure into hundreds of thousands of pounds a month. That’s why the number of cryptojacking attempts have skyrocketed despite declining cryptocurrency values.
How can I tell if I’ve been Cryptojacked?
The most obvious sign of cryptojacking is a decrease in computer or device performance: your internet lags, your computer takes longer to open applications, and your device cooling fans run louder and more frequently.
Depending on the processing power of your system and the extent of the infection, the average user either doesn’t notice these signs of cryptojacking or simply writes them off as a minor annoyance. However, increased wear and tear on hardware can carry long-term consequences, especially in a business setting.
The more your system runs, the shorter its physical life span becomes. Meanwhile, your IT department will invest several hours in troubleshooting performance issues. There’s also the risk that since the hacker was able to successfully install malware on your system, they might attempt something more disruptive, such as stealing personal or confidential information or even reverting to traditional ransomware.
What can I do to prevent Cryptojacking?
The good news is that preventing cryptojacking follows many of the same steps that help prevent typical malware and phishing attempts. These things should be incorporated into your employee data security training for everybody from interns to executives:
- Practice good internet hygiene by not visiting questionable websites.
- Double check email addresses and the validity of attachments and links.
- Change passwords regularly and follow best practices for password creation.
- Be cautious about what devices you allow to connect to your business network and remember to change default passwords.
Some other steps you might take include installing ad blockers and anti-cryptojacking extensions on your web browsers, disabling JavaScript in browsers and using anti-virus software that can specifically detect cryptomining activity.
By getting your employees to commit to a culture of strong cybersecurity practices, you can protect your business from cryptojacking attempts and prevent somebody else from making money off your network and hardware.
