Threat Management, Threat Management

The silent rise of cryptojacking


The term “cyber breach” brings to mind customer data strewn across the internet, social security numbers permeating the dark web and major news headlines. While these types of far-reaching incidents are the most likely to generate concern for consumers and organizations, a recent study from the Internet Society’s Online Trust Alliance has flagged a new, growing risk that often lurks undetected in the background.

Cryptojacking is an emerging threat that parallels the rise of cryptocurrency, but has flown largely under the radar, both in terms of general public knowledge and awareness on the victim side. However, based on data from various industry sources, cryptojacking attacks have more than tripled since 2017, creating new concern about the rise in these types of incidents. And though cryptojacking waned in late 2018 as cryptocurrency prices fell, it has made a resurgence in 2019 along with the rising cryptocurrency prices.

Unlike phishing or ransomware attacks, cryptojacking runs nearly silently in the background of the victim’s computer or device. It involves installing malware on a device connected to the internet, which can be anything from a phone, to a gaming console, to a router, to an organization’s servers. Once installed, the hacker can then use the devices’ computing power to “mine” cryptocurrency without the user’s knowledge.

Given the large amount of processing power it takes to successfully mine cryptocurrency, the goal of any cryptojacking operation is to hijack enough devices so that their processing power can be pooled. This is achieved by hijacking vast numbers of devices, but only using small amounts of each individual device’s processing power, so the user is not likely to notice their device is being hijacked. Conceptually similar to a botnet, attackers then network these hijacked devices together to mine cryptocurrency.

Explaining the Spike

So why the recent spike in such passive attacks? While cryptojacking may have been low on the hacker priority list in the past, the rise in the value of cryptocurrency means it’s now a lucrative way for hackers to make money quickly. Moreover, unlike phishing or malware, which gives access to data that then must be infiltrated or sold, cryptojacking provides a direct path to actual tangible ‘cash’ without the second step. The evolution in the legitimacy of cryptocurrency, with institutions like JP Morgan Chase and Facebook getting into the game, means that cryptocurrency is now more openly accepted, versus being a type of mystical vaporware used only by the internet elite.

In addition, the continued improvement in encryption technologies and privacy and security measures may mean that hacking in a traditional, invasive way is becoming more challenging for cyber criminals. Cryptojacking provides a lucrative payout without actually touching any sensitive or protected owner data. Also, because of its silent nature, it may allow for a prolonged payout for these criminals, who can infiltrate and then stay resident on a device without being detected for long periods of time.

The Impact on Organizations

Risks associated with cryptojacking don’t appear to be as blatant or far-reaching as other types of cyber incidents, at least at first. In fact, the majority of victims may never realize that their machines are being utilized for nefarious purposes. The signs that your devices may have been infected are notoriously hard to detect, because often the software is not malware in the traditional sense but rather legitimate crypto mining code illicitly installed, and thus not flagged by security scans.

Sudden slowing of your device or a rise in complaints across-company about computer performance may be a sign that there is an issue. Yet while a decline in computing performance can be a costly issue for larger corporations (and certainly amount to annoyance and lost productivity for the individual), the real risk comes from the door that is opened on your devices when a cryptojacking hack occurs. At the end of the day, cryptojacking is just another form of attack, and thus similar to other breaches in that a criminal has gained illicit access to the target device.  Once the device has been compromised, other breaches are far more likely to occur.

Avoiding Attacks in the Future

Organizations and individuals looking to protect themselves from cryptojacking need to ensure their security standards are high and that they are taking every step to protect themselves against all types of cyber incidents. Make sure everyone on your network is using unique passwords and multi-factor authentication. Continuously monitor for anomalous activity on the network, be sure any software installed on a device comes from a reputable source and that the software is fully patched.

By being diligent on all security fronts, most cryptojacking attacks can be avoided or remedied after the fact. The rise in cryptojacking incidents is a good reminder that everyone who isn’t following key security and privacy best practices is at risk for this type of attack, or worse. Practicing proactive and ongoing protection measures is the only way to minimize the risks and protect against cybercriminal activity. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.