sb-nz logo
Story image

How to avoid becoming a cryptojacking victim - Bitglass

14 May 2019
Contributor
Share:

Article by Bitglass CTO Anurag Kahol

Fifty percent of organisations have malware in at least one of their cloud applications according to a report published by Bitglass. 

Cloud cryptojacking has become the biggest cybersecurity threat facing businesses, especially enterprise-level organisations. 

What is cryptojacking?

The term ‘cryptojacking’ refers to the unauthorised use of a third party’s computing resources to mine cryptocurrency. 

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum, so it is unsurprising that hackers are targeting vulnerable data centres to help them boost their capabilities.

Cloud-based resources, and in particular infrastructure-as-a-service (IaaS) platforms, are main targets for this activity as they offer virtually infinite resources and tremendous processing power, as well as an environment where attackers can largely go undetected. 

The methodology used to obtain the right accesses for cryptojacking are not dissimilar to other cyber threats like ransomware. 

Often it will be via phishing emails that load cryptomining code, or via a website that has been infected with a specific JavaScript code that will auto-execute when loaded. 

This particular method often goes undetected by the victim for a long time as it runs silently in the background.

The most often cited case of cryptojacking took place in 2018 when Tesla fell victim to an attack. 

The automotive company discovered that some of its Amazon Web Services (AWS)  infrastructure was being appropriated for mining. 

The attack had been concealed from conventional firewalls and intruder detection systems as the cybercriminals had hidden the IP addresses of their mining programs behind a content delivery network; they had also throttled the mining software to ensure that it did not trigger high-usage-detection systems.

Here are five tips to secure infrastructure against cryptojacking:

1. Employee awareness
Employees are every organisation’s first line of defence, so make sure they are equipped with the right tools and training to be an effective part of the security strategy. 
Employees that are well versed in the company’s cybersecurity policies are less likely to fall victim to an attack. 
Teach them what to look for and what to avoid - focus on the threat of phishing attacks. 

2. Deploy the extensions
As mentioned earlier, one method cybercriminals use is to lace websites with auto-executing cryptojacking scripts. 
All employees should deploy ad-blocking and anti-cryptomining extensions on web browsers to avoid downloading this type of code from websites. 

3. Passwords and multi-factor authentication (MFA)
MFA and strong passwords should be in place for all cloud apps and IT assets. 
The attackers who compromised Tesla’s environment went through an administration console that was not password protected. 
Passwords should, as a minimum, include a mixture of alphanumeric credentials, and enforcing multi-factor authentication are must-haves for ensuring the protection of sensitive enterprise assets. 

4. Updates are not an option
Patches and software updates are regularly released by all security vendors – these are not optional.
Promptly install them to ensure endpoints and cloud-based tools have their security gaps filled, protecting them from the latest threats.  

5. Securing personal devices  
With BYOD becoming more common among businesses, securing personal devices is a must. 
This is most effectively achieved through an agentless solution, as tools like mobile device management (MDM) can harm device functionality, invade user privacy, and, consequently, prove incredibly difficult to deploy on employees’ personal devices.

Related stories:
A definitive guide to cloud access security brokers
Bitglass & CrowdStrike develop agentless ATP defender
Interview: Yubico A/NZ vice president on passwords in the modern world
Six practical tips for better password practice
Microsoft takes down malicious botnet after years of tracking
Phishing URLs grew by 640% last year - report
Dig deeper:
Story image
Swann releases two new smart security cameras
The solutions include tracking, night vision, and other features, supported by a connected application.More
Story image
Google to demand two-factor authentication across Nest accounts
Google is cracking down on authentication protocols for its popular line of connected devices, Google Nest.More
Download image
Why new management is key when dealing with a changing workforce
Diversity in ages and attitudes within modern workforces is the norm now, but can pose serious risk. Find out how to manage the risk.More
Story image
New detection tool aims to catch Twitter bots in real time
Twitter recognises that it’s hard to tell just how much misinformation is out there on social media.More
Story image
D-Link brings thermal scan/facial recognition camera to A/NZ
The device can scan a large crowd and automatically raise an alert if a person with an elevated temperature is found.More
Download image
Security culture in the workplace integral to successful cybersecurity
When you think about security, what is the first word that springs to mind? Could it be defence, technology, people, or something else?More
Story image
Swann releases two new smart security cameras
The solutions include tracking, night vision, and other features, supported by a connected application.More
Story image
Google to demand two-factor authentication across Nest accounts
Google is cracking down on authentication protocols for its popular line of connected devices, Google Nest.More
Download image
Why new management is key when dealing with a changing workforce
Diversity in ages and attitudes within modern workforces is the norm now, but can pose serious risk. Find out how to manage the risk.More
Story image
New detection tool aims to catch Twitter bots in real time
Twitter recognises that it’s hard to tell just how much misinformation is out there on social media.More
Story image
D-Link brings thermal scan/facial recognition camera to A/NZ
The device can scan a large crowd and automatically raise an alert if a person with an elevated temperature is found.More
Download image
Security culture in the workplace integral to successful cybersecurity
When you think about security, what is the first word that springs to mind? Could it be defence, technology, people, or something else?More
Story image
Four tips for organisations to help future-proof their OT security strategy
IT and OT networks are founded on different and often conflicting priorities, making IT-OT security challenging for businesses. Only when the needs of both environments are thoroughly understood can digital convergence be successful.More
Story image
Microsoft warns of huge email phishing scam
The phishing campaign installs NetSupport Manager remote admin tool to take over and execute commands. More
Story image
One in three ransomware attacks target business users
Ransomware has become a big challenge for many organisations, despite the attack method not being the most advanced threat.More
Download image
VPNs essential for the modern work environment
Your VPN needs to offer easy, frictionless and secure access to more users than ever before, or you risk letting malicious threat actors in.More
Story image
CrowdStrike expands Linux protection, adds machine learning prevention
CrowdStrike says its solution delivers proven breach prevention and visibility from its cloud-delivered platform via a single lightweight agent.More
Story image
Shadow of ransomware looms over healthcare sector
“Hackers will continue to target vulnerable systems as long as there are profits to be made: from selling the stolen patient’s data to holding the healthcare systems hostage until the criminals’ demands are met.”More
Story image
Six benefits of initiating a deception strategy for IT security teams
Deception puts increased power into the hands of security teams by comprehensively protecting against attacks from both external parties and malicious insiders.More
Story image
ThreatQuotient extends professional services for security intelligence
ThreatQuotient’s global Professional Services team was first launched in 2017 and provides core capabilities to assess, design and build a threat-centric security operations function. More
Story image
Five wine-tasting tips that should be applied to network security
What does network visibility really mean? Much like a blind wine tasting, we need to keep an open mind and trust what data is telling us without being biased by previous results.More
Story image
Thycotic launches DevOps Secrets Vault solution for greater cloud security
“DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface."More
Story image
Dark web packed with offers to hack corporate networks
"The larger the hacked company is, and the higher the obtained privileges, the more profitable the attack becomes."More
Story image
Intel creates 10th Gen vPro processors for 'next generation of business computing'
“Built for business, the Intel vPro platform is a comprehensive PC foundation for performance, hardware-enhanced security, manageability and stability,” says Intel.More
Story image
ExtraHop brings SaaS network detection and response solution to market
"Reveal(x) 360 is the culmination of a multi-year R&D investment to secure data centre, remote sites, and cloud workloads with frictionless deployment and actionable insights that can be securely accessed from anywhere.”More
Story image
Sophos and Arcserve bolster alliance with two new solutions
The new solutions combine anti-ransomware and other threat-protection tech with immutable backup and disaster recovery capabilities.More
Link image
Revealed: The A-Z of mobile workforce security
Ordinary office workers - now home office workers - have never been more at risk of cyber threats. Join this webcast series to hear from experts on how to best protect your business and your staff.More
Download image
Flexible work stretches the limits of business security
Gig workers, part timers, shift workers, remote workers - they all present different risk profilesMore
Story image
A definitive guide to cloud access security brokers
CASBs offer IT administrators granular access control and deep visibility over corporate data – critical functionality for organisations moving from internal, premises-based apps to the cloud.More
Story image
How DDoS protection is like a car’s airbags
Just as someone would never remove the airbags from their car simply because they have never had a serious accident, so they should not cut back on cyber defences just because they hadn’t had a major attack in a while.More
Story image
Report: Tech industry most attacked sector
"The current global crisis has shown us that cyber criminals will always take advantage of any situation and organisations must be ready for anything."More
Story image
Interview: Mimecast channel director on new partner programme and consolidation in the channel
Craig McGregor explains Mimecast's new partner programme, the importance of consolidation in the security space, and the effect of COVID-19 on the local channel.More
Story image
Channel guru brings Bufferzone to A/NZ
Previously, Wyman brought Backup Exec/Veritas, Brocade and StorageCraft to the region.More
Current security practices 'grossly inadequate' for protecting cloud infrastructures - report
"As cloud stacks become increasingly complex, with new technologies regularly added to the mix, what's needed is a holistic approach with consistent protection across the full cloud stack."More
How rapidly evolving workforces can bring risk - and how to take it on
The times they are a-changing. Workforces, becoming more diverse, are changing too. Here's how this could be risky for businesses, and what actions could be taken to minimise that risk.More
IDC names Accenture APAC Leader in pro security services
Accenture was recognised as having one of the most comprehensive security advisory and security assessment offerings.More
Kaspersky launches security assessment training program
Kaspersky says the program is designed give organisations the tools to ensure the security and of third-party applications that are integrated into their IT infrastructures.More
NVIDIA announces new Mellanox SmartNIC for the modern data center
NVIDIA says the new SmartNIC draws on software-defined, hardware-accelerated engines to alleviate the bulk of network and security processing power typically applied to CPUs.More
Interview: Thriving in lockdown - how a coding school in Vietnam beat the odds
It's March 10 2020, and CoderSchool in Ho Chi Minh just went entirely online. A success story followed - here's how a lockdown helped a school thrive.More
Authentication drives the secure enterprise
Authentication can be applied to cloud applications, VPN access, digital workspaces, and custom or legacy apps with firewalls behind them.More
Demand for VPNs soars in Hong Kong amid fears over Beijing crackdown
VPN provider Surfshark revealed it has seen a week’s worth of sales in just one hour within the city, indicating that locals feel their internet freedom is under attack.More
76% of execs losing sleep over being the next high-profile breach
Headline-grabbing security breaches of high-profile enterprises are becoming more common, fuelling the anxieties of business leaders who hope they're not next. More
It's time to bring back simplicity and autonomy in authentication
Choose your authentication method. Integrate all your apps with one authentication solution. Take the stress out of logging in.More
ESET included in Forrester Enterprise EDR report
The report provides an overview of the technology players in the EDR market and offers insights into understanding their capabilities. More
40% of APAC consumers have dealt with personal data breaches
The Kaspersky report released today also found out that more than 20% of respondents in APAC are willing to sacrifice their privacy to gain a product or a service for free. More
FireEye unveils Cloudvisory: A multicloud security control centre
FireEye has announced the availability of FireEye Cloudvisory - a control centre for cloud security management across any private, public or hybrid security environment.More
Managed services more popular than ever
However, a new Business Report indicates that MSPs could lose vital business if they don’t balance their portfolio services accordingly.More
SolarWinds Niche Player in app monitoring Magic Quadrant
Simplicity, visibility and solution synergy have put SolarWinds into the 2020 Gartner Magic Quadrant for Application Performance Monitoring.More
VMware reveals plans to acquire Octarine, going all in for Kubernetes
VMware says once the acquisition is completed, Octarine’s integration will provide new security features for containerized applications running in Kubernetes, and will enable security capabilities as part of the fabric of the existing IT and DevOps ecosystems.More
Cybercriminals after money more than anything else - Verizon report
Of all the things cybercriminals aim to accomplish in their illicit activities, money still takes centre stage.More
Proper authentication is the key to security. Now it's free
Usually if a cyber attacker gains access to your credentials, it's game over. Stand a fighting chance at no cost with this cutting edge authentication tool.More
More stories