Protecting Against Cryptomining Malware in 2019: A Layered Approach to Device Management and Security


No single tool can ensure perfect security. That’s why layering multiple tools and approaches is considered a best practice to reduce vulnerability to attacks. It has become more apparent in recent years that management tools form a vital security layer. Think of it this way: A window lock is a security tool. Closing the windows is management. Neither is enough by itself.

Trending Threats

While ransomware had been the most common and widespread cybersecurity threat for much of 2017, 2018 saw the rise of malicious cryptocurrency mining. Hackers use a simple strategy: infect a PC, smartphone, or another device with malware and discreetly hijack the processing power of the target’s devices to mine for untraceable cryptocurrencies such as Bitcoin or Monero.


McAfee Labs reported in June 2018 that coin-mining malware had grown 629% compared to Q4 2017. It’s an incredibly lucrative (and largely anonymous) scheme that can sap your devices’ performance, cause hardware damage, and net huge amounts of cryptocurrency for hackers. Their exploits have expanded to steal credentials from popular cryptocurrency platforms via spammed email campaigns, and even include “drive-by attacks” where the cryptojacking takes place inside the web browser from an open API. Between the diversity of their approaches, the untraceable aspects of most cryptocurrencies, and the proliferation of malware and related exploit kits, cryptojacking is expected to keep growing in popularity among cybercriminals and become an even bigger problem in 2019.

Symptoms of Cryptojacking

It’s important to know what to look for when diagnosing a potential malware-driven issue. If your device has been cryptojacked, you may hear loud whirring sounds from your desktop or laptop. Your device may heat up, and the battery on a mobile device will drain faster than usual. Performance may suffer as well, with programs running more slowly and even crashing during tasks that had become part of your normal routine. If it’s your company server that’s been hijacked, you may see issues with web performance and crashing. Over the long term, you’ll see spiking electric bills due to the increased energy draw from your device.

While cryptojacking may seem less damaging to those under attack than ransomware, you should not underestimate the impacts. System overloads due to discreet cryptomining can disrupt business and threaten infrastructure should critical systems become compromised. Secondary leaks of personal information, financial accounts, and other data breaches can be costly and put your customers at risk.

While the symptoms outlined above are not unique to cryptomining attacks, there are system performance and management criteria that can be monitored and reported to help identify new threats.
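One way to monitor the performance symptom described above, as an added example that is not part of the original article: flag a host only when its CPU stays far above its own baseline for a sustained period, so short spikes and servers that are always busy do not raise alerts. The host names, samples, and thresholds are constructed assumptions.

```python
from statistics import median

# Constructed telemetry: CPU utilisation (%) sampled once a minute per host.
BASELINE = {
    "desk-17":  [8, 12, 9, 15, 11, 10, 14, 9, 13, 10, 12, 11],
    "build-02": [88, 92, 95, 90, 85, 93, 91, 89, 94, 90, 92, 87],
    "web-01":   [30, 35, 28, 40, 33, 31, 36, 29, 34, 32, 38, 30],
}
RECENT = {
    "desk-17":  [10, 12] + [97] * 14 + [96],                      # sustained load
    "build-02": [90, 93, 95, 91, 89, 94, 92, 90, 96, 93, 91, 95],  # normally busy
    "web-01":   [32, 95, 96, 94, 31, 30, 35, 33, 90, 92, 34, 31],  # brief spikes
}

def longest_run(values, limit):
    """Length of the longest run of consecutive samples above limit."""
    best = cur = 0
    for v in values:
        cur = cur + 1 if v > limit else 0
        best = max(best, cur)
    return best

def flag_hosts(baseline, recent, min_run=10, k=4.0, floor=70.0):
    """Return hosts whose recent CPU stays far above their own baseline.

    A host is flagged when at least min_run consecutive recent samples
    exceed both an absolute floor and median + k * MAD of its baseline.
    """
    flagged = {}
    for host, history in baseline.items():
        window = recent.get(host, [])
        if len(history) < min_run or not window:
            continue  # not enough data to judge this host
        med = median(history)
        # Median absolute deviation; fall back to 1.0 if the baseline is flat.
        mad = median(abs(v - med) for v in history) or 1.0
        limit = max(floor, med + k * mad)
        run = longest_run(window, limit)
        if run >= min_run:
            flagged[host] = {"limit": round(limit, 1), "minutes": run}
    return flagged

if __name__ == "__main__":
    for host, detail in flag_hosts(BASELINE, RECENT).items():
        print(f"{host}: above {detail['limit']}% for {detail['minutes']} min")
```

A flagged host is a lead for investigation, not proof of cryptomining, since the symptoms are not unique to it.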
