The Gold Rush of the 21st Century has some serious risks
Although mining is a multi-billion dollar industry, it isn’t for the faint-hearted
For the financially motivated, mining can be an extremely rewarding business. In a world of digital financial assets, which can be compared to bars of gold, mining can produce deep rewards.
Mining plays a huge role in the cryptocurrency ecosystem by verifying transactions on the cryptocurrency’s “blockchain”, a ledger that records transactions and ownership for all to see. Once a transaction has been verified, the rewards come rolling in.
Sounds simple right?
Wrong. Mining life isn’t always as easy as it seems. You need an extreme amount of computing power and an extremely fast network. Unfortunately, that’s not always quick to come by.
The amount of computing power needed has helped shape a new generation of malware, which uses the processing power of websites to mine for them. Cryptocurrency mining malware is far more lucrative for miners than sitting in a dark room mining manually.
For mining criminals with control of an infected system, cryptocurrency mining can be done for free by outsourcing the energy costs and hardware demands to the victim that has the malware on their system.
In July 2014, researchers observed an unknown threat actor redirecting cryptocurrency miners’ connections to attacker-controlled mining pools and earning approximately $83,000 in about four months.
Mining malware has increasingly become a multi-faceted threat, as financially motivated threat actors have deployed it wherever they can generate the highest return on investment.
Miner’s ROI could be on your organization’s endpoints
Over 1.65 million endpoints have been infected by cryptocurrency mining software in 2017 and with that number so high, one or more of those endpoints could be on your organization’s network or worse a third-party’s network that works with your organization.
A strain of cryptocurrency malware was found on a Tennessee hospital’s Electronic Medical Record system. Hacking into the hospital’s EMR allowed the hackers to access patient names, addresses, social security numbers, birthdays, diagnosis and treatment data. A clear violation of HIPAA.
The problem is that users, including businesses whose servers are seen as a good source of ‘free’ computing power, can either be fooled into including the mining software during an otherwise legitimate application installation, by exploiting software vulnerabilities, or by exploiting trusted vendors like an EMR vendor.
Here’s what you can do to avoid being victim to this new malware
- Manage your Third Party Vendors – One common denominator of malware infiltrating any cyber network is through a third party. Managing third party risk is key to defending your data from being affected by malware attacks. Be sure to work with your CISO and GRC team to avoid these types of issues.
- Layer your endpoint security – An endpoint protection strategy includes profiling the environment to assess defenses and vulnerabilities and layering your security so you know what’s coming and you’re ready for anything.
- Use a VPN – If you’re away from a secure home or work network, consider using a VPN. This is a piece of software that gives you a secure connection to the Internet so that third parties cannot intercept or read your data.