sb-nz logo
Story image

How to avoid becoming a cryptojacking victim - Bitglass

14 May 2019
Contributor
Share:

Article by Bitglass CTO Anurag Kahol

Fifty percent of organisations have malware in at least one of their cloud applications according to a report published by Bitglass. 

Cloud cryptojacking has become the biggest cybersecurity threat facing businesses, especially enterprise-level organisations. 

What is cryptojacking?

The term ‘cryptojacking’ refers to the unauthorised use of a third party’s computing resources to mine cryptocurrency. 

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum, so it is unsurprising that hackers are targeting vulnerable data centres to help them boost their capabilities.

Cloud-based resources, and in particular infrastructure-as-a-service (IaaS) platforms, are main targets for this activity as they offer virtually infinite resources and tremendous processing power, as well as an environment where attackers can largely go undetected. 

The methodology used to obtain the right accesses for cryptojacking are not dissimilar to other cyber threats like ransomware. 

Often it will be via phishing emails that load cryptomining code, or via a website that has been infected with a specific JavaScript code that will auto-execute when loaded. 

This particular method often goes undetected by the victim for a long time as it runs silently in the background.

The most often cited case of cryptojacking took place in 2018 when Tesla fell victim to an attack. 

The automotive company discovered that some of its Amazon Web Services (AWS)  infrastructure was being appropriated for mining. 

The attack had been concealed from conventional firewalls and intruder detection systems as the cybercriminals had hidden the IP addresses of their mining programs behind a content delivery network; they had also throttled the mining software to ensure that it did not trigger high-usage-detection systems.

Here are five tips to secure infrastructure against cryptojacking:

1. Employee awareness
Employees are every organisation’s first line of defence, so make sure they are equipped with the right tools and training to be an effective part of the security strategy. 
Employees that are well versed in the company’s cybersecurity policies are less likely to fall victim to an attack. 
Teach them what to look for and what to avoid - focus on the threat of phishing attacks. 

2. Deploy the extensions
As mentioned earlier, one method cybercriminals use is to lace websites with auto-executing cryptojacking scripts. 
All employees should deploy ad-blocking and anti-cryptomining extensions on web browsers to avoid downloading this type of code from websites. 

3. Passwords and multi-factor authentication (MFA)
MFA and strong passwords should be in place for all cloud apps and IT assets. 
The attackers who compromised Tesla’s environment went through an administration console that was not password protected. 
Passwords should, as a minimum, include a mixture of alphanumeric credentials, and enforcing multi-factor authentication are must-haves for ensuring the protection of sensitive enterprise assets. 

4. Updates are not an option
Patches and software updates are regularly released by all security vendors – these are not optional.
Promptly install them to ensure endpoints and cloud-based tools have their security gaps filled, protecting them from the latest threats.  

5. Securing personal devices  
With BYOD becoming more common among businesses, securing personal devices is a must. 
This is most effectively achieved through an agentless solution, as tools like mobile device management (MDM) can harm device functionality, invade user privacy, and, consequently, prove incredibly difficult to deploy on employees’ personal devices.

Related stories:
Yubico pledges to secure world's most at-risk organisations
Xero launches authentication app to boost account security
Bitglass kicks off new year with two senior APJ hires
Sophos unearths origin of prominent cryptominer
Data leakage concerns dominate cloud security perceptions - Bitglass report
COVID-19 crushes fingerprint reader market
Dig deeper:
Cryptojacking Bitglass Multi-factor authentication / MFA Cryptomining
Story image
WatchGuard names new regional director for A/NZ
Anthony Daniel says, "I look forward to continuing to drive our business strategy, grow our channel and to supporting business growth Australia and New Zealand and the Pacific islands."More
Story image
Advanced threat actors engaged in cyberespionage up their game
"This recent activity signals a major leap in their abilities."More
Story image
Why organisations should rethink the approach to retail demand planning and forecasting
Why organisations should rethink the approach to retail demand planning and forecastingMore
Story image
APAC financial firms bite down as crime compliance costs rise
The total projected cost of financial crime compliance within Asia Pacific firms reached US$12.06 billion, according to a new report.More
Story image
Gartner: Top security and risk management trends for 2021
“CISOs are keen to consolidate the number of security products and vendors they must deal with."More
Story image
WatchGuard uncovers top cyber threat trends of Q4 2020
“The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections."More
Story image
WatchGuard names new regional director for A/NZ
Anthony Daniel says, "I look forward to continuing to drive our business strategy, grow our channel and to supporting business growth Australia and New Zealand and the Pacific islands."More
Story image
Advanced threat actors engaged in cyberespionage up their game
"This recent activity signals a major leap in their abilities."More
Story image
Why organisations should rethink the approach to retail demand planning and forecasting
Why organisations should rethink the approach to retail demand planning and forecastingMore
Story image
APAC financial firms bite down as crime compliance costs rise
The total projected cost of financial crime compliance within Asia Pacific firms reached US$12.06 billion, according to a new report.More
Story image
Gartner: Top security and risk management trends for 2021
“CISOs are keen to consolidate the number of security products and vendors they must deal with."More
Story image
WatchGuard uncovers top cyber threat trends of Q4 2020
“The rise in sophisticated, evasive threat tactics last quarter and throughout 2020 showcases how vital it is to implement layered, end-to-end security protections."More
Story image
ABB and Nozomi Networks extend collaboration, deliver improved OT security solutions
"With Nozomi Networks solutions added to our cybersecurity portfolio, our customers gain proven network monitoring and threat detection technology."More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More
Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More
Story image
rhipe acquires emt Distribution, with aim to expand into enterprise market
The acquisition will enable rhipe to deliver a comprehensive portfolio of end-to-end security capabilities to its partners, the company says.More
Story image
O365 a weak point ripe for exploit, say security professionals
71% of more than 1,000 security professionals have been on the receiving end of a Microsoft 365 account takeover, on average, seven times in the last year alone.More
Story image
SAS digs deeper into the core tenets of responsible AI
What is responsible artificial intelligence (AI)? Is it a technology that does not discriminate against certain groupsMore
Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
Combine endpoint privilege management with these tools for maximum protection
By integrating an EPM solution with additional technologies, teams can manage the entire security tool stack more easily and enhance each component’s effectiveness.More
Story image
2020 sees a global shift in financial malware threats
The financial threat landscape experienced a game-changing pandemic year, according to a new report from Kaspersky.More
Story image
Tesserent to acquire Secure Logic's managed security services business
Secure Logic delivered an audited turnover of $9 million in FY 2020 and a $4.2 million EBITDA, with reportedly ‘strong’ earnings going into FY 2021.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Link image
Virtual demo: Diagnose network cabling problems with the LinkIQ Cable+Network Tester
If you’re finding it difficult to install access points and cabling, or if you can’t pinpoint an issue with a video camera or end user, the LinkIQ Cable+Network Tester could be exactly what you need. Try a free, fully interactive demo now.More
Story image
Ransomware and Microsoft Exchange attacks surging 
There are global surges in ransomware attacks alongside increases in cyber attacks targeting Microsoft Exchange Server vulnerabilities, according to Check Point Research.More
Story image
Imperva unveils new data security platform built for cloud
"The cloud has revolutionised IT, offering organisations a strategic opportunity to rapidly pursue new market initiatives and adapt their operations in the face of new business challenges."More
Story image
Hackers offering forged “official” COVID vaccination certificates and negative test results on dark net 
There has been a 350% increase in the number of advertisements selling alleged COVID vaccines within the last three months.More
Story image
Claroty discovers vulnerabilities in Ovarro TBox RTUs
The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More
Story image
Interview: SAS outlines the seven AI-based trends you'll see in 2021
Artificial intelligence has, let's face it, been the subject of much hype, of experimentation, and in some cases, pipe dreams.More
Story image
From Me to We: Partnerships & multiparty systems in the post-COVID-19 age
MPS is all about sharing data infrastructure between people and organisations - think along the lines of blockchain, distributed databases and ledgers.More
Story image
Fortinet achieves 400 integrations of Open Fabric Ecosystem
Fortinet EVP of products and CMO John Maddison says that the ecosystem aims to improve security, reduce complexity, and simplify operations. More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Cloud services top threat vector for healthcare industry
"The coronavirus pandemic continues to highlight the unique cybersecurity needs of the healthcare industry, even as it has increased the number of threats these organisations face."More
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More
Financial malware activity dropped in 2020 as creators honed their wares
Cybercriminals used the time to plan more malicious propagation techniques, both new and evolved from previous methods.More
Hybrid IAM solutions are the way of the future, study states
“As this first-of-its-kind research shows, while IT leaders are faced with unique criteria and conditions that shape their IT strategy, hybrid IAM has emerged as a necessity."More
Thycotic releases new integrations to bolster account governance
“Service accounts are often left defenceless, even by enterprises with established programs for privileged user security."More
Addressing the challenges of least privilege access
Enforcing the right privilege policies across the environment with the right visibility and observability will ensure that the policy mandates hold tight against any behaviour changes.More
Almost a third of malware threats previously unknown - HP report
A new report has found 29% of malware captured was previously unknown due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection. More
Kasada launches new defenses against bot attacks
Kasada has announced the general availability of its new V2 platform in a bid to address the increasing sophistication of bot attacks.More
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More
Mobile devices biggest enterprise security threat - report
Businesses have left themselves vulnerable and open to cyber criminals in the rush to ensure their workforce could operate remotely during the Covid-19 pandemic.More
Gigamon & FireEye tackle security in hybrid cloud environments
The partnership is an extension to a ‘long-standing’ relationship that aims to ‘simplify, secure, and optimise hybrid cloud environments’.More
The mirrored world: Digital twins redefine business intelligence
The world’s most visionary leaders will use technology to master change and shape the future.More
Video: 10 Minute IT Jams - Who is Okta?
Okta is an identity and access management company, specialising in secure user authentication. It's an enterprise-grade identity management service, built for the cloud, but compatible with many on-premises applications.More
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Dell Technologies unveils new data protection innovations for hybrid cloud workloads
The Dell EMC PowerProtect Backup Service, powered by Druva, is designed to deliver SaaS app protection without increasing IT complexity.More
Identity in the age of eKYC & digital onboarding journeys
When an onboarding process is architected correctly, there are tangible benefits for customer satisfaction.More
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
More stories