Welcome to Cyber Security Today. It’s Wednesday, August 11. I’m Howard Solomon, contributing author on cybersecurity for ITWorldCanada.com.
Cyber crooks still attempt to secretly infect corporate computers, personal computers, and smartphones to mine for cryptocurrency. Cryptojacking has been around for years. It fluctuates as the value of cryptocurrencies increases and decreases. According to a report released last week by Palo Alto Networks Threat Intelligence Unit 42, cryptojacking could be on the decline. For the five months ending in February, only 17% of organizations with cloud infrastructure showed signs of cryptojacking activity, it said. This compares to 23% for the three months ending September 2020. This is the first drop since Unit 42 started tracking cryptojacking trends in 2018. FireEye believes the drop is likely due to the fact that organizations are protecting themselves better.
In an interview, Dave Masson, Canadian director of corporate security for Darktrace, said cryptojacking has become a bigger threat to organizations since employees started working from home. Many personal computers are not as well protected as corporate computers against cyber attacks.
What the crooks want is to harness as much computing power as possible to mine cryptocurrencies. So rather than buying lots of computers and chaining them together to get huge amounts of processing power, they steal compute cycles by infecting devices connected to the internet. Victims may notice that something is wrong if their machines are running slower than normal. However, crooks are aware of this and try to operate their malware in the most careful way possible.
It’s not just foreigners who do that, Masson told me. One of the smartest scams Darktrace has seen involves an employee who hid 12 servers running mining software under the raised floor of their company’s data center. In another case, the employee had a bunch of internet-connected servers hidden in a company warehouse.
Signs of cryptojacking include devices that run slower than normal or hotter than normal, and increased utility bills.
What can you and your organization do to avoid being victimized? First, patch your software as soon as security updates become available. Mining software takes advantage of vulnerabilities in Windows, Linux, Android, and other operating systems. Keep your browsers up to date, as cryptojacking can be done through browsers. And regularly check that website code has not been compromised.
Typically, cryptojacking malware spreads through infected email attachments, which means everyone should be aware of the risks of clicking links in emails and texts.
Managers should warn employees that using corporate devices for cryptomining can damage equipment.
IT departments must have rigorous patch management procedures in place. They should also watch for signs of unusual CPU usage. Security firm Varonis notes that if there is an increase in CPU usage when users are on a website with little to no media content, this is a sign that cryptomining scripts may be running.
That’s it for now. Remember that the links to the details on the podcast stories can be found in the text version at ITWorldCanada.com. This is where you will find other stories of mine as well.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts, or add us to your Flash Briefing on your smart speaker.