Everything You Need to Know About Cryptojacking
We recently wrote a post all about Bitcoin and how it could rise to be as common as traditional currency. As with most cyber trends, with the rise of new technology comes the rise of new risks to cybersecurity. In this case, as cryptocurrency has grown, so has Cryptojacking. In a report conducted by Symantec, it was revealed that cases of this new cyber attack surged by 8,500 percent within the last few months of 2017.
What is Cryptojacking?
Simply put, Cryptojacking is the unauthorised use of your computer to mine cryptocurrency. Mining cryptocurrency requires a huge amount of computer power, it runs a software on your computer to convert blocks of the transactions between people into sequences of code known as 'hash'. This is a highly competitive process with many miners working on the same block at any time, the first to convert the block correctly receives a reward in Bitcoins. Cybercriminals use coin miners to steal their victims’ computer processing power and cloud CPU usage to allow them to mine the maximum amount of cryptocurrency and therefore receive the maximum reward
How can cybercriminals use your computer to mine?
There are a number of ways in which cybercriminals can take advantage of your computer. The first is by using a phishing e-mail to encourage you to click on a spurious link that loads cryptomining code onto your computer or installs software that they can run in the background.
What effect could it have on the victim?
This type of attack is dangerous because to a user it is totally invisible, the only possible sign would be slower computer performance. Because of its extreme use of device power, Cryptojacking could potentially cause a device’s batteries to overheat and therefore the device could become unusable. Also, it can be very dangerous for companies that fall victim, cybercriminals may shut down corporate networks to achieve the maximum amount of power. Coin mining in the cloud also has financial implications for organisations that are being billed based on CPU usage because they will have to pay for this extra power that these criminals are using.
How can you protect yourself?
Awareness: The best way to protect against phishing based Cyrptojacking is to incorporate it into your security awareness training to ensure that no accidents are made due to lack of employee awareness that could cost your company greatly.
Did you know that Xenace have created an interactive training platform called Phishwise that can identify your company’s susceptibility to phishing attacks and educate your employees on how to avoid such attacks? Visit our website or get in touch for more information.
Manage and monitor browser permissions: If you identify a web page that is delivering Cryptojacking scripts, make sure your users are blocked from accessing it again. Some attackers are using malicious browser extensions or poisoning legitimate extensions to execute crypto mining scripts, so it is also a good idea to monitor your browser extensions too.
It is important to always keep up with the ever-evolving developments in cyber attacks, Cryptojacking is just the latest to educate yourself on. Keep up to date with our blog to find out all the latest ways that you can keep yourself and your business cybersecure.