Story image
Multi-factor authentication / MFA
Bitglass
Cryptojacking
Cryptomining

How to avoid becoming a cryptojacking victim - Bitglass

By Contributor, Tue 14 May 2019
FYI, this story is more than a year old

Article by Bitglass CTO Anurag Kahol

Fifty percent of organisations have malware in at least one of their cloud applications according to a report published by Bitglass. 

Cloud cryptojacking has become the biggest cybersecurity threat facing businesses, especially enterprise-level organisations. 

What is cryptojacking?

The term ‘cryptojacking’ refers to the unauthorised use of a third party’s computing resources to mine cryptocurrency. 

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum, so it is unsurprising that hackers are targeting vulnerable data centres to help them boost their capabilities.

Cloud-based resources, and in particular infrastructure-as-a-service (IaaS) platforms, are main targets for this activity as they offer virtually infinite resources and tremendous processing power, as well as an environment where attackers can largely go undetected. 

The methodology used to obtain the right accesses for cryptojacking are not dissimilar to other cyber threats like ransomware. 

Often it will be via phishing emails that load cryptomining code, or via a website that has been infected with a specific JavaScript code that will auto-execute when loaded. 

This particular method often goes undetected by the victim for a long time as it runs silently in the background.

The most often cited case of cryptojacking took place in 2018 when Tesla fell victim to an attack. 

The automotive company discovered that some of its Amazon Web Services (AWS)  infrastructure was being appropriated for mining. 

The attack had been concealed from conventional firewalls and intruder detection systems as the cybercriminals had hidden the IP addresses of their mining programs behind a content delivery network; they had also throttled the mining software to ensure that it did not trigger high-usage-detection systems.

Here are five tips to secure infrastructure against cryptojacking:

1. Employee awareness
Employees are every organisation’s first line of defence, so make sure they are equipped with the right tools and training to be an effective part of the security strategy. 
Employees that are well versed in the company’s cybersecurity policies are less likely to fall victim to an attack. 
Teach them what to look for and what to avoid - focus on the threat of phishing attacks. 

2. Deploy the extensions
As mentioned earlier, one method cybercriminals use is to lace websites with auto-executing cryptojacking scripts. 
All employees should deploy ad-blocking and anti-cryptomining extensions on web browsers to avoid downloading this type of code from websites. 

3. Passwords and multi-factor authentication (MFA)
MFA and strong passwords should be in place for all cloud apps and IT assets. 
The attackers who compromised Tesla’s environment went through an administration console that was not password protected. 
Passwords should, as a minimum, include a mixture of alphanumeric credentials, and enforcing multi-factor authentication are must-haves for ensuring the protection of sensitive enterprise assets. 

4. Updates are not an option
Patches and software updates are regularly released by all security vendors – these are not optional.
Promptly install them to ensure endpoints and cloud-based tools have their security gaps filled, protecting them from the latest threats.  

5. Securing personal devices  
With BYOD becoming more common among businesses, securing personal devices is a must. 
This is most effectively achieved through an agentless solution, as tools like mobile device management (MDM) can harm device functionality, invade user privacy, and, consequently, prove incredibly difficult to deploy on employees’ personal devices.

Related stories
Warning: Pay heed to Data Protection Day>>
New botnet uncovered known for sextortion and crypto-jacking>>
LogMeIn spins out LastPass as standalone company>>
New threat intelligence from Sophos following the Apache Log4Shell vulnerability>>
Varonis has discovered new threat bypassing multi-factor authentication in Box>>
Sophos uncovers new variants of Tor2Mine cryptominer>>
Top stories
Recent stories
Story image
Digital Transformation / DX
NZ tech sector has what it takes to attract international investment - industry boss
The tech sector says it has what it takes to woo international investors, who have come courting.>>
Story image
Cybersecurity
Insider threats costing organisations $15.4 million a year
Negligent insiders are the root cause of 56% of incidents while credential thefts have almost doubled and are the costliest to remediate. >>
Link image
Ransomware
Does your business have enough cyber resilience for the changing tech landscape?
Ongoing cyber threats pose many challenges to businesses and it's only getting worse. The new Arcserve eBook provides crucial advice about deploying a comprehensive 3-2-1-1 cyber-resiliency. >>
Story image
Managed Services
Deloitte calls on Exabeam as vendor for managed XDR
According to Exabeam president Ralph Pisani, the company’s cybersecurity and automation capabilities will assist with threat detection, investigation, and response.>>
Story image
Qlik
Explainability: the foundation of trust in data
In 2022, data is one of the most valuable assets Australian organisations possess. Long-term success and durability for businesses rest upon it.>>
Story image
Cybersecurity
80% of organisations say infrastructure access is top strategic priority
StrongDM, the infrastructure access platform, announced the results of a new survey of 600 DevOps professionals in 2022: The Year of Access.>>
Story image
Endpoint detection and response / EDR
Why network visibility must be the foundation of Zero Trust architecture
In May 2021, U.S. Presidential Executive Order 14028 on improving the nation’s cybersecurity was issued, directing federal agencies to transition to a Zero Trust Architecture (ZTA) as they modernise and move to cloud services.>>
Story image
Open Source
The aftermath of Log4j - What can be done to protect businesses?
Last year's Apache Log4j vulnerability created a lot of chaos, so what can be done to protect companies from the security implications?>>
Story image
Artificial Intelligence / AI
Meta says it's building the 'fastest supercomputer in the world'
Meta’s AI Research SuperCluster will be used to develop advanced AI in areas such as computer vision, natural language processing and speech recognition.>>
Story image
SaaS
Axonius launches first SaaS risk management product
SaaS management tools typically cater to the business side or the security posture management side, but each side is still prone to visibility gaps and information siloes.>>
Story image
Inventory
Warning: Pay heed to Data Protection Day
Data Protection Day, impending in Europe, serves as a global reminder of one of the most important responsibilities for any organisation: keeping sensitive data secure.>>
Story image
Cyber attacks
Enea identifies trends that will shape the mobile industry in 2022
"We trust that the trends highlighted in this year’s report provide a roadmap for mobile operators to navigate our post-pandemic world.”>>
Link image
Accenture Interactive
A new range of working trends is approaching, is your business ready?
A major shift in work trends has led to unprecedented growth in the business sector. The new Fjord Trends 2022 report by Accenture can give your company the tools to navigate and adapt.>>
Story image
Katana
Katana announces expansion and release on DIA marketplace
Managed service company Katana has announced that its managed Domain-based Message Authentication, Reporting, and Conformance (DMARC) implementation service has been released on the Department of Internal Affairs Marketplace.>>
Story image
Cryptocurrency
Check Point Research reveals how hackers run token scams and 'Rug Pull' money - and how to avoid them
Check Point Research has revealed how scammers are altering smart contracts to create fraudulent tokens. They then use methods to "rug pull" money from people with altered smart contracts, leading to money heists.>>
Story image
Disaster Recovery
Disaster recovery: Are you prepared for the cloud to clear?>>
Story image
Accenture
Bringing legacy mainframes into the modern IT environment>>
Story image
Training
Phishing emails in Q421 focused on everyday tasks - research>>
Link image
Cloud Services
Mainframe modernisation the key to business growth>>
Story image
Cybersecurity
Cybersecurity automation: differing priorities show need for better C-Suite awareness of benefits>>
Story image
Cybersecurity
Kaspersky maps out supply chain resilience plans in APAC>>
Story image
Malware
More elusive and persistent - Kaspersky researchers uncover the third known firmware bootkit>>
Story image
Check Point
Check Point Research reveals botnets on the rise, software vendors hit hard by cyber attacks>>
Story image
Cybersecurity
Advantage hires new senior cyber security engineer>>
Story image
Multi Cloud
Dell Technologies caters to multi cloud reality with new capabilities>>
Story image
Open Source
The Linux Foundation makes record progress in addressing talent shortages >>
Story image
Axiomatics
emt and Axiomatics forge distribution partnership for Asia and A/NZ regions>>
Story image
IDC
IDC reveals its top 10 IT industry trends for Australia and New Zealand - report>>
Story image
Artificial Intelligence / AI
Protecting Australia’s critical infrastructure with AI>>
Story image
Digital Transformation / DX
ThycoticCentrify adds veteran leaders to international sales team>>
Story image
Ransomware
2021 open season for attackers as compromised data increases>>
Story image
Cybersecurity
Experts weigh in on how to protect yourself against banking scammers>>
Story image
Phishing
COVID-19 vax most popular topic for phishing attacks in 2021>>
More stories