According to a report from Crypto Head, cryptocurrency crimes have been increasing by about 312% every year since 2016. That may not sound surprising, due to its rapid rise in popularity and value, but in light of cryptocurrency's touted safety, it's probably a bit disconcerting for network security managers. Many of these cryptocurrency crimes relate to fraud and scams against individual investors and users, but one type of cryptocurrency crime that network security managers should be aware of is cryptojacking. Here's an overview of cryptocurrency and cryptojacking so you can protect your networks from this rising threat.
Cryptocurrency in a Nutshell
Cryptocurrency is a form of digital payment used to purchase items online. The currency uses "coins," which are encrypted for security, thus the name cryptocurrency. There are many types of cryptocurrencies, but Bitcoin is currently the most popular.
Cryptocurrencies are based on blockchain technology. Using Bitcoin as an example, when a digital transaction occurs, a bitcoin is transmitted to a distributed network of computers. To approve the transaction, a computer must solve a series of algorithms before the bitcoin is entered as a block in a digital ledger. This problem-solving is called mining. Crypto miners compete to be the first to finish a block because they are then rewarded in the form of a cryptocurrency payment. After the transaction is confirmed by the first miner, it is added as a block to a distributed database called a ledger. A majority of the other mining computers on the network must then confirm the transaction. The entire cryptocurrency confirmation process is known as "proof of work."
The biggest problem with the proof of work concept is that it requires an ever-increasing amount of computing resources — which individual crypto miners typically don't have. This has led to groups of miners pooling their resources and splitting the cryptocurrency profits. It has also led to increasing reports of cryptojacking.
Cryptojacking is basically hijacking a computer, tablet, smartphone, or other device and using its computing power for crypto mining. This reduces the miner's overhead and provides greater profit.
Cryptojacking and the Threat for your Network
Although cryptojacking typically concerns individual computer users, there are ways it can affect your network. Cryptojacking malware doesn't harm computers or steal data like most malware threats, it uses up computing resources and electricity. One computer hijacked isn't an issue, but when it affects many computers on the network, it becomes a big problem. It can be especially troublesome if the cryptojacking code installs itself on your servers. And many types of cryptojacking malware have worming capabilities and can spread to other computers. The cryptojack attack slows down the network, increases electricity costs, and ties up help desk resources. Cryptojack attacks usually hide themselves so it's often difficult for network security managers to detect them other than a slow down of your network and high CPU usage.
Preventing Cryptojacking on your Networks
Naturally, you'll want to keep your network computers up-to-date with the latest security software updates. But you'll also want to keep track of the latest cryptojacking trends because cryptojacking malware delivery mechanisms are constantly changing. Use ad blockers, as many attacks use ads to deliver the cryptojacking malware, and disable JavaScript while browsing, which will prevent cryptojacking code from running. (Although it also shuts down certain desired functionality, so you may want to avoid this safety measure unless cryptojacking becomes a frequent problem.) Also, use a good firewall to detect websites that may deliver malware for cryptojacking. But note that antivirus software is often unable to detect cryptojacking code.
Although cryptojacking for crypto mining has not been a major concern of most network managers, that is likely to change. As cryptocurrency use increases, and mining it becomes more profitable, cryptojacking incidents will likely become an increasing threat to computer networks.
Talk to a network security management professional for more information.
Share27 September 2021
After I started having problems following other technologies, I realized that I needed to work harder to stay on top of new information. I began focusing more seriously on reading different literature about technology, and it was really cool to see just how much different companies could help. We updated our software programming and installed some new equipment, and it was nice to see how much of an improvement things made. I wanted to start this website to help other people to understand and apply new technology each and every single day. Read more on this blog to find out what you might have missed along the way.