It sounds like science fiction or something out of the Matrix. A world where cybercriminals use computers to mine for digital gold. Similar to how actual gold miners dig through sand to find gold, cryptomining uses computers to crunch complex mathematical calculations to find cryptocurrency like Bitcoin or Monero.
In the early days of cryptocurrency, a single person using a laptop could mine and earn cryptocurrency fairly easily. But, over time, the computer power needed to scale through huge mountains of calculations increased, and now, to scale these mountains, cryptominers must use many more computers and even servers to mine. Along the way, the value of cryptocurrency also increased making this a lucractive proposition, too.
And, where there’s money to be made, there will be cybercriminals trying to find an easier, faster road to make it.
The latest get rich quick road is called cryptojacking. And, just like it sounds, the cybercriminals ‘hijack’, also known as cryptojack, your computer’s web browser, your server and/or your phone to use to cryptomine for gold. In 2017, these campaigns increased at an alarming rate, and according to experts, this is the number one malevolent attack online today.
While data breaches are in the news daily with big corporations exploited by hackers stealing consumer data, cybercriminals have figured out that mining cryptocurrencies with stolen access is much easier than hacking data, and then trying to find a buyer for stolen data.
This is a big warning for companies– be aware of cybercriminals looking to access your web browsers, servers and mobile phones to secretly mine for gold. Tesla is a major corporation that has already fallen under the attack of these cybercriminals.
But, how exactly do they take over your computer?
Well, these clever cybercriminals hack a website, and then each person who goes to that website’s browser will be ‘hijacked’ or ‘cryptojacked’ simply by entering the website. This way, the cybercriminal doesn’t have to go web browser to web browser, in one cryptojacking campaign, they can take over THOUSANDS of computers and mine away – virtually undetected.
Recently, cybercriminals have been targeting government websites, infrastructure, and social media sites like YouTube to cryptojack computers. Cryptomining requires a LOT of power to generate cryptocurrency. Think of how your computer surges while it is processing a complex task and then multiply that over THOUSANDS of cryptojacked computers. The more people who access a website, the better the opportunity for cybercriminals to mine more cryptocurrency. If you or your employees are going to a website injected by these cryptojacking campaigns, there’s trouble looming on the horizon.
Three Tips to Fight Cryptojacking
- Educate Employees – Make sure your employees know the cryptojacking signs to look for. If browsers slow down after visiting a site, if computers start to whir and churn after visiting a site, close the browser immediately.
- Install Cryptojacking Software – While the impact on companies is low compared to other cybercrimes – the criminals are stealing your computer’s energy, not actually hijacking your computer data for ransom, there are web browser extensions like NoCoin that can be installed to mitigate cryptojacking campaigns.
- Work with a Professional – Cryptojacking is in its infancy and is scaling up to be one of the biggest cybercrimes online. Work with a professional that stays abreast of these, and can develop strategies to keep you and your company’s property safe.
At OT Computers, we specialize in cybersecurity strategies for the small to mid-sized Atlanta professional services firm. Give us a call to discuss your options at 678-789-0629.