I’m Sorry, CRYPTOwhat?
It is called cryptojacking and it’s the trend for the fall in the cyber world.
Described as a form of cyber-attack aimed at mining cryptocurrency on behalf of the hacker, it is a growing concern for businesses that are considering a form of blockchain addition to their existing systems as a an added security measure.
Ethical hackers have described cryptojacking as a win/win for the hacker; since ransomware could only garner in fixed amounts before they released records back to the owner, cryptojacking allows the hacker to penetrate the system, take as much as is available to them, and flee the scene.
CIO Dive describes this phenomenon as taking cyber threats to the “Wild West.” Cloud-based systems have a virtually non-existent security barrier as these types of threats are coded differently to ransomware. Besides the coding, having the data available anywhere on the internet, these cryptojackers can attack from anywhere, to any point in the cloud. Depending on how vast the cloud system may be, cryptojackers may leave ‘open holes’ at their point of attack and may go unnoticed by script developers.
The good news is that this concept is still in its infancy. In January, cryptojackers released their first wave of java-infecting scripts on the most vulnerable websites (unfortunately based in Taiwan, India, and Russia where the web-security technology is either not taken seriously or simply not as advanced) and made with over $3.6M by the end of the month. Kits are available to corrupt web java scripts and can be found on the dark web for as little as $30.
As scary as all of this sounds, preventative measures are easy to implement and include good browsing practices; not opening odd-looking emails, maintaining computer and browser updates, and ensuring that any programs or extensions that will be added to mobile or home devices are from a trusted source.
For more information on cryptojacking, click here (we promise it’s a trusted source but we will also list it below).