New Zealand
Story image

How to avoid becoming a cryptojacking victim - Bitglass

14 May 2019
Contributor
Share:
LinkedIn
Twitter
Facebook

Article by Bitglass CTO Anurag Kahol

Fifty percent of organisations have malware in at least one of their cloud applications according to a report published by Bitglass. 

Cloud cryptojacking has become the biggest cybersecurity threat facing businesses, especially enterprise-level organisations. 

What is cryptojacking?

The term ‘cryptojacking’ refers to the unauthorised use of a third party’s computing resources to mine cryptocurrency. 

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum, so it is unsurprising that hackers are targeting vulnerable data centres to help them boost their capabilities.

Cloud-based resources, and in particular infrastructure-as-a-service (IaaS) platforms, are main targets for this activity as they offer virtually infinite resources and tremendous processing power, as well as an environment where attackers can largely go undetected. 

The methodology used to obtain the right accesses for cryptojacking are not dissimilar to other cyber threats like ransomware. 

Often it will be via phishing emails that load cryptomining code, or via a website that has been infected with a specific JavaScript code that will auto-execute when loaded. 

This particular method often goes undetected by the victim for a long time as it runs silently in the background.

The most often cited case of cryptojacking took place in 2018 when Tesla fell victim to an attack. 

The automotive company discovered that some of its Amazon Web Services (AWS)  infrastructure was being appropriated for mining. 

The attack had been concealed from conventional firewalls and intruder detection systems as the cybercriminals had hidden the IP addresses of their mining programs behind a content delivery network; they had also throttled the mining software to ensure that it did not trigger high-usage-detection systems.

Here are five tips to secure infrastructure against cryptojacking:

1. Employee awareness
Employees are every organisation’s first line of defence, so make sure they are equipped with the right tools and training to be an effective part of the security strategy. 
Employees that are well versed in the company’s cybersecurity policies are less likely to fall victim to an attack. 
Teach them what to look for and what to avoid - focus on the threat of phishing attacks. 

2. Deploy the extensions
As mentioned earlier, one method cybercriminals use is to lace websites with auto-executing cryptojacking scripts. 
All employees should deploy ad-blocking and anti-cryptomining extensions on web browsers to avoid downloading this type of code from websites. 

3. Passwords and multi-factor authentication (MFA)
MFA and strong passwords should be in place for all cloud apps and IT assets. 
The attackers who compromised Tesla’s environment went through an administration console that was not password protected. 
Passwords should, as a minimum, include a mixture of alphanumeric credentials, and enforcing multi-factor authentication are must-haves for ensuring the protection of sensitive enterprise assets. 

4. Updates are not an option
Patches and software updates are regularly released by all security vendors – these are not optional.
Promptly install them to ensure endpoints and cloud-based tools have their security gaps filled, protecting them from the latest threats.  

5. Securing personal devices  
With BYOD becoming more common among businesses, securing personal devices is a must. 
This is most effectively achieved through an agentless solution, as tools like mobile device management (MDM) can harm device functionality, invade user privacy, and, consequently, prove incredibly difficult to deploy on employees’ personal devices.

Related stories:
Bitglass report finds 66% of companies omit key security tool
Are Fortune 500 companies failing at cyber security? 
Fortune 500 companies failing to demonstrate cybersecurity commitment - Bitglass
Thales announces expanded access management capabilities
Carbon Black discovers evolution of popular cryptomining campaign
Yubico launches lightning-compatible security key
Dig deeper:
Story image
31 Oct
How SMS became the trusted mode of customer communications
About 90 percent of text messages are read within three minutes of receipt and we’re seven times more likely to respond to a text than an email. More
Story image
Yesterday
Cyxtera spins out cybersecurity business into AppGate
AppGate brings together a set of differentiated cloud- and hybrid-ready security and analytics products and services. More
Story image
22 Oct
Trend Micro acquires Cloud Conformity to expand capabilities
The acquisition resolves often overlooked security issues caused by cloud infrastructure misconfiguration.More
Story image
Yesterday
How user-centred design is reshaping cybersecurity
A user-centered design approach starts with users and asking them what they want to gain a deeper understanding of their needs.More
Download image
Whitepaper: Juniper Networks put to the test in malware attacks
With a multitude of solutions on the market, ESG decided to use malware attacks to evaluate market solutions like Juniper Networks’ automated threat detection and remediation.More
Story image
24 Oct
Rackspace selects Armor to deliver security for hybrid cloud environments
Armor’s cloud security platform, Armor Anywhere, will be integrated into Rackspace’s portfolio of security services for all major private and hyperscale public clouds.More
Story image
How SMS became the trusted mode of customer communications
About 90 percent of text messages are read within three minutes of receipt and we’re seven times more likely to respond to a text than an email. More
Story image
Cyxtera spins out cybersecurity business into AppGate
AppGate brings together a set of differentiated cloud- and hybrid-ready security and analytics products and services. More
Story image
Trend Micro acquires Cloud Conformity to expand capabilities
The acquisition resolves often overlooked security issues caused by cloud infrastructure misconfiguration.More
Story image
How user-centred design is reshaping cybersecurity
A user-centered design approach starts with users and asking them what they want to gain a deeper understanding of their needs.More
Download image
Whitepaper: Juniper Networks put to the test in malware attacks
With a multitude of solutions on the market, ESG decided to use malware attacks to evaluate market solutions like Juniper Networks’ automated threat detection and remediation.More
Story image
Rackspace selects Armor to deliver security for hybrid cloud environments
Armor’s cloud security platform, Armor Anywhere, will be integrated into Rackspace’s portfolio of security services for all major private and hyperscale public clouds.More
Story image
Barracuda Networks integrates WAF into cloud platform
 Barracuda Networks announced a new Cloud Application Platform (CAP), which provides security, as well as a new web application firewall (WAF) as a service solution built on Microsoft Azure.More
Story image
Pulse Secure launches new access management and threat mitigation features
Pulse Secure aims to enable enterprise and service provider organisations to progress Zero Trust security and mitigate hybrid IT risks.More
Story image
Adobe, New York Times and Twitter announce content authenticity initiative
Adobe is developing an opt-in system that will allow creators and publishers to securely attach attribution data to content they choose to share. More
Story image
ManageEngine launches holistic take on privileged access security
PAM360 provides governance over privileged access entitlements, correlation of privileged access data with other IT management platforms.More
Story image
Quantum computing will pose risks to enterprise encryption
“It is encouraging to see that so many companies understand the risk and challenges that quantum computing poses to enterprise encryption."More
Download image
In focus: Real-world stories about security automation
"That’s the path you have to go take, because without automation, you’re an easy target.”More
Download image
Ten keys to unlocking cybersecurity automation
Modern cybercriminals are well organized, well-funded, and profit driven. To effectively combat these cybercriminals, enterprise security teams must become crimefighters. More
Story image
Major security, privacy and ethical blindspots in AI development
Security, privacy and ethics are low-priority issues for developers when modelling their machine learning solutions.More
Story image
Microsoft's new security innovations at Ignite 2019
Microsoft 365 and Security corporate vice president Kirk Koenigsbauer outlined 10 major security announcements across Azure, Microsoft 365, Office, and Microsoft Defender ATP. More
Story image
NZ information security award finalists revealed
The iSANZ Awards were established five years ago to recognise the achievements of New Zealanders in the country’s information security (InfoSec) and cybersecurity field. More
Story image
Enterprises look to zero trust network access to thwart VPN attacks
“Though it is encouraging to see so many organisations are pursuing ZTNA to close gaps created by VPNs, I am surprised that more than half of those surveyed believe their current infrastructure is reliable enough to protect the enterprise."More
Story image
Women underrepresented in cybersecurity in half of enterprises - Kaspersky
Despite some diversity initiatives, women constitute 39% of the labour force and only 25% of management positions worldwide in general.More
Story image
WatchGuard launches new ruggedised Wi-Fi access point
The WatchGuard AP327X is a new IP67-rated Wi-Fi access point (AP) with four N-Type connectors to support a variety of external antennas.More
Download image
Is an MSSP really a safe bet?
One of the largest inhibitors to cloud adoption is concern around the security of leveraging a service provider in a multi-cloud world. A lot is at stake and yes, you should be cautious.More
Story image
Wakeup call: NZ and Aussie SMBs rate highest globally in ransomware attacks
New Zealand and Australian small to medium sized businesses are in need of a wakeup call after recording the highest rate globally of reported ransomware attacks.More
Story image
F5 integrates BIG-IQ into Venafi Machine Identity Protection Platform
The integration allows network operations to orchestrate the lifecycle of SSL/TLS certificates and ensure security policies are enforced across devices.More
Story image
Breaches on the rise despite increased security spend, survey finds
"This study shows the vulnerability gap that has been a growing pain point for CIOs and CISOs."More
Story image
Securing the unknown with visibility and control
What’s getting in the way of an organisation’s security health and what needs to happen to secure those vulnerabilities? What assets does an organisation own? How does an organisation gain visibility? Where do the assets live? Who has access to those assets?More
Link image
Whitepaper: The state of play of A/NZ cybersecurity
There’s no denying the cybersecurity challenges: lack of skills, compliance and the changing threat landscape are just the tip of the iceberg.More
Story image
Digital optimisation makes HR processes easier - Hyland
Although we tend to think of data breaches as the work of malicious hackers, carelessness and mishandling of sensitive documents are just as likely to be the culprit.More
Story image
ESET discovers campaign stealing bitcoins from darknet users
ESET researchers have discovered a trojanised Tor Browser that cybercriminals use to steal bitcoins from darknet market buyers.More
Whitepaper: Biggest barriers to cloud success to conquer them
This paper outlines barriers, impacts, and the required skills to compete in a tech-driven world.More
Forcepoint increases cloud security presence to cover 128 countries
This PoP expansion brings Forcepoint services to virtually anywhere in the world while delivering optimal security and productivity enhancing capabilities. More
Whitepaper: How advanced persistent threats are making threat prevention obsolete
The ability to persist has made the whole idea of prevention obsolete.More
Get the best out of AWS
From DevSecOps to customised cloud, you want to ensure your money pays for real results.More
Hackers access NordVPN server, users unaffected
While being connected to the server, the hacker could only see what an ordinary ISP would see, but it could not have been personalised or linked to a particular user.More
The human eye as a proxy for the future of networking
In recent years scientists have been unravelling the intricate structure and wiring of retina neurons within the eye - Mellanox Technologies looks beneath the surface. More
How to protect Industrial IoT from ransomware
Ransomware outbreaks in 2017 hit production networks worldwide, resulting in shutdowns, massive clean-up efforts and millions of dollars in damages, Claroty finds. More
Visibility and control to secure inconsistent cloud platforms – Fortinet
It takes consistency across the entire security ecosystem to fully protect cloud-based applications - Fortinet’s Josh Alcock explains how.More
Alibaba Cloud gains new security accreditations
Alibaba Cloud obtained the Level 3 assessment in TISAX for automotive and Good “x” Practice (GxP) readiness assessment for the healthcare industry.More
Big Tech firms dominating internet choices
"While people benefit from big tech's products and services, they are clearly concerned about associated security and privacy threats, and they also want more choice."More
Attacks on IoT devices booming, research finds
“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying."More
Proofpoint acquires insider threat management firm ObserveIT
Proofpoint will hand over US$225 million as part of a new arrangement to acquire insider threat management platform ObserveIT.More
Worldwide spending on security products and services set to reach $151.2 billion in 2023
"Considering there have been many attempts for hackers to acquire funds from banks, the banking industry is expected to spend the most on security solutions."More
The dawn of a new age: Google cracks quantum supremacy
It’s the ‘eureka’ moment technologists and scientists have been yearning for.More
WatchGuard inks distie agreement with Soft Solutions
Soft Solutions will distribute the company’s entire range of network security, W-Fi and multifactor authentication products. More
How to design a secure data centre network
When considering data centre security, you will need to decide which security functions need to be deployed and where you want to deploy them.More
Inland Revenue cracks down on multinationals' tax obligations
“If they don’t play by the new rules, we will know who they are, and they should expect we’ll be in touch."More
Qrious attains ISO 27001 data security certification
“This is a commitment to a yearly review process requiring evidence that Qrious has continuously raised the bar on data security practices.”More
More stories