New Zealand
Story image

How to avoid becoming a cryptojacking victim - Bitglass

14 May 2019
Contributor
Share:

Article by Bitglass CTO Anurag Kahol

Fifty percent of organisations have malware in at least one of their cloud applications according to a report published by Bitglass. 

Cloud cryptojacking has become the biggest cybersecurity threat facing businesses, especially enterprise-level organisations. 

What is cryptojacking?

The term ‘cryptojacking’ refers to the unauthorised use of a third party’s computing resources to mine cryptocurrency. 

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum, so it is unsurprising that hackers are targeting vulnerable data centres to help them boost their capabilities.

Cloud-based resources, and in particular infrastructure-as-a-service (IaaS) platforms, are main targets for this activity as they offer virtually infinite resources and tremendous processing power, as well as an environment where attackers can largely go undetected. 

The methodology used to obtain the right accesses for cryptojacking are not dissimilar to other cyber threats like ransomware. 

Often it will be via phishing emails that load cryptomining code, or via a website that has been infected with a specific JavaScript code that will auto-execute when loaded. 

This particular method often goes undetected by the victim for a long time as it runs silently in the background.

The most often cited case of cryptojacking took place in 2018 when Tesla fell victim to an attack. 

The automotive company discovered that some of its Amazon Web Services (AWS)  infrastructure was being appropriated for mining. 

The attack had been concealed from conventional firewalls and intruder detection systems as the cybercriminals had hidden the IP addresses of their mining programs behind a content delivery network; they had also throttled the mining software to ensure that it did not trigger high-usage-detection systems.

Here are five tips to secure infrastructure against cryptojacking:

1. Employee awareness
Employees are every organisation’s first line of defence, so make sure they are equipped with the right tools and training to be an effective part of the security strategy. 
Employees that are well versed in the company’s cybersecurity policies are less likely to fall victim to an attack. 
Teach them what to look for and what to avoid - focus on the threat of phishing attacks. 

2. Deploy the extensions
As mentioned earlier, one method cybercriminals use is to lace websites with auto-executing cryptojacking scripts. 
All employees should deploy ad-blocking and anti-cryptomining extensions on web browsers to avoid downloading this type of code from websites. 

3. Passwords and multi-factor authentication (MFA)
MFA and strong passwords should be in place for all cloud apps and IT assets. 
The attackers who compromised Tesla’s environment went through an administration console that was not password protected. 
Passwords should, as a minimum, include a mixture of alphanumeric credentials, and enforcing multi-factor authentication are must-haves for ensuring the protection of sensitive enterprise assets. 

4. Updates are not an option
Patches and software updates are regularly released by all security vendors – these are not optional.
Promptly install them to ensure endpoints and cloud-based tools have their security gaps filled, protecting them from the latest threats.  

5. Securing personal devices  
With BYOD becoming more common among businesses, securing personal devices is a must. 
This is most effectively achieved through an agentless solution, as tools like mobile device management (MDM) can harm device functionality, invade user privacy, and, consequently, prove incredibly difficult to deploy on employees’ personal devices.

Related stories:
Cloud adoption trends: SSO adoption lagging
Bitglass report finds 66% of companies omit key security tool
Are Fortune 500 companies failing at cyber security? 
Fortune 500 companies failing to demonstrate cybersecurity commitment - Bitglass
Thales announces expanded access management capabilities
Carbon Black discovers evolution of popular cryptomining campaign
Dig deeper:
Story image
14 Jan
How integrated edge security and WAF can secure application delivery
Edge security, SSO application integration and flexible authentication options are critical for optimal user experience and information security policy compliance, Kemp says.More
Story image
05 Dec
Microsoft-backed security firm SpyCloud amplifies enterprise protection
Cybersecurity firm SpyCloud is an up-and-coming star in cybersecurity – and with US$21 million from Microsoft’s venture fund behind it, SpyCloud’s future is almost limitless.More
Download image
Architecting the future with app modernisation
Organisations procure, build, customise and deploy a collection of tools and solutions that address specific issues, but collectively introduce complexities and inefficiencies.More
Story image
07 Jan
Kiwis concerned over digital identity and personal data
“Kiwis are seeking greater transparency and control, however seven out of 10 say it’s currently too hard to protect their identity and data online."More
Story image
15 Jan
Mimecast acquires brand exploitation prevention startup
The acquisition of the Israeli Segasec extends Mimecast’s capabilities to protect against brand exploits used to steal money and data.More
Story image
09 Dec
Trend Micro leads market share for hybrid cloud security - IDC
Software-defined compute technologies are often used in the context of public or private clouds, but can also be implemented in non-cloud environments.More
Story image
How integrated edge security and WAF can secure application delivery
Edge security, SSO application integration and flexible authentication options are critical for optimal user experience and information security policy compliance, Kemp says.More
Story image
Microsoft-backed security firm SpyCloud amplifies enterprise protection
Cybersecurity firm SpyCloud is an up-and-coming star in cybersecurity – and with US$21 million from Microsoft’s venture fund behind it, SpyCloud’s future is almost limitless.More
Download image
Architecting the future with app modernisation
Organisations procure, build, customise and deploy a collection of tools and solutions that address specific issues, but collectively introduce complexities and inefficiencies.More
Story image
Kiwis concerned over digital identity and personal data
“Kiwis are seeking greater transparency and control, however seven out of 10 say it’s currently too hard to protect their identity and data online."More
Story image
Mimecast acquires brand exploitation prevention startup
The acquisition of the Israeli Segasec extends Mimecast’s capabilities to protect against brand exploits used to steal money and data.More
Story image
Trend Micro leads market share for hybrid cloud security - IDC
Software-defined compute technologies are often used in the context of public or private clouds, but can also be implemented in non-cloud environments.More
Story image
Spark to offer Android's zero-touch enrolment solution
"By using an automated enrolment method, Android devices can be used at scale with enforced security."More
Story image
75% of DevOps professionals say certificate issuance policies slow them down
Less than half of DevOps professionals believe developers always request certificates that serve as machine identities through authorised channels.More
Story image
Unisys delivers new cloud security features on AWS
These automated capabilities of CloudForte help clients enhance security and optimise operations for workloads delivered on AWS as well as in hybrid- and multi-cloud environments.More
Story image
FireEye rolls out threat intelligence platform for industrial systems
Now industrial control systems (ICS), operational technology (OT), internet of things devices, and other equipment used to manage interconnected physical processes, can be secured from cyber threats.More
Story image
Cybersecurity: The top three predictions that will headline 2020
"Collecting data from various systems, tools and devices and the application of analytics, AI and machine learning will gain speed."More
Story image
Veeam launches AWS-native backup & recovery solution on AWS Marketplace
Veeam Backup for Amazon Web Services (AWS) will be available exclusively through AWS Marketplace as both a free and paid version.More
Story image
2020 Vision: Game-changing storage trends for the year ahead
Companies that want to make the most of data storage should be on top of these developments.More
Story image
Sophos extends MSP program in the name of advancing enterprise security
Sophos has extended its managed service provider (MSP) program to make it easier for MSPs to deploy, manage and sell the Sophos product portfolio.More
Story image
Sophos launches Intercept X for mobile
New security for Chrome OS and mobile threat defence for Android and iOS devices protects users from new fleeceware applications uncovered by SophosLabs. More
Download image
How Rackspace can help companies navigate VMware Cloud on AWS
The service provides a managed service that enables organisations to efficiently ‘bridge’ the hybrid world of workloads on-premise and in private and public clouds. More
Story image
Three cybersecurity vendors outline 16 industry predictions for 2020
With 2019 coming to a close, Ping Identity, Attivo Networks, and LogRhythm’s experts share what 2020 holds in store for cybersecurity. More
Story image
Are they spying? Young people wary of virtual assistants
Privacy and security fears put young people off using virtual assistants for customer servicesMore
Download image
Lack of cloud proficiency holding businesses back
Two in five IT decision makers (42%) believe there is a lag in their organisation’s ability to deploy cloud platforms due to a lack of skills.More
Story image
Gartner names SAI Global as IT Vendor Risk Management leader
SAI Global feels the Gartner report confirms a competitive market with demand growing for cloud-first software solutions. More
Story image
Number of spam emails drops, still accounts for 55% of traffic
Significantly, spam messages account for more than half of 295 billion in 2019, making 55% of global email traffic in this year, the company states.More
Download image
The dummies guide to sussing out MSSPs
A pure DIY approach might not be tenable for your organisation depending on your maturity and business goals.More
Story image
Top internet outages of 2019 - ThousandEyes
The most significant of these outages took place over the northern hemisphere summer and disrupted nearly every top tech company in some fashion.More
Story image
Fortune 500 firms weigh in on equipment failure risk
Fortune 500 companies are increasingly concerned about the risks of critical equipment failure and cyber attacks on industrial control systems.More
Story image
Equifax breach vulnerability surfaces as top network attack in Q3 2019
WatchGuard’s latest Internet Security Report also reveals significant increases in malware and network attacks, as zero day malware accounts for 50% of all detections.More
Story image
Veritas: PCs running Windows 7 vulnerable to ransomware
"It's vital that the organisations that rely on Windows 7 are aware of the risks and what they need to mitigate them."More
Story image
StorageCraft report suggests firms need a 'ransomware reality check'
68% of respondents have a ransomware recovery plan, yet almost a quarter (23%) don’t test those plans, and 46% test them once a year or less.More
Trend Micro debuts security services platform for cloud applications
Trend Micro Cloud One automates and simplifies cloud security to give organisations the flexibility they need to meet their most strategic cloud priorities.More
EC-Council appoints distie to expand into A/NZ
It has appointed ACA Pacific to help roll out its cybersecurity solutions, including newly acquired OhPhish, to the Australia and New Zealand markets.More
Kaspersky: Malware variety grows by 13.7% in 2019 due to web skimmers
“The volume of online attacks has been growing for years, but in 2019 we saw a clear shift from certain types of attacks that are becoming ineffective, to the ones focused on gaining clear profit from users."More
Malwarebytes stalwart promoted to chief product officer
"Akshay has been an incredible partner with product development, enabling our long-term product vision. His leadership has been instrumental to our continued growth and success."More
ESET urges parents to consider security protection for their children
While many parents worry about their child’s online activity, many are not taking precautionary measures, according to new insights from ESET.More
New security distributor launches in A/NZ
Started by veteran channel leader, Paul Lim, industry experts Ben Minski and Bill Gatsios will work alongside Paul in spearheading the business.More
Cloud adoption trends: SSO adoption lagging
Research found that only 34% of those who had adopted cloud-based solutions had implemented single sign-on (SSO), one of the most basic cloud security tools.More
Acronis makes strategic acquisition to strengthen security portfolio
Acronis will integrate 5nine’s technology into the Acronis Cyber Platform, making new services available through the Acronis Cyber Cloud Solutions portal.More
Kiwi ambivalence to fake news leads to millions lost to cyber criminals
"With massive increases in scams and phishing, criminals are benefiting from Kiwis cyber ambivalence, stealing more than $3.8 million in the last quarter alone."More
Veeam to be acquired for massive US$5 billion
Insight Partners will acquire Swiss cloud data management vendor Veeam. Co-founders step down from the Board.More
Endace expands channel partners globally, experiences significant growth
Endace has announced global growth in the packet capture market, and the importance of packet capture as a key source of data for network security, is contributing to significant growth of the company.More
Fighting the sophisticated, sustained cyber-attacks of the 21st century
Advanced persistent threats are capable of breaching data infrastructure through continuous targeting and then remaining within that infrastructure, undetected.More
AWS need not be a minefield: Optimising the cloud journey for real results
Find high-performance outcomes through your use of AWS, and save time and money whilst doing so.More
Gartner names Fortinet a Challenger in WAN Edge Infrastructure
Fortinet was also recently named by Gartner as one of the highest three vendors in worldwide market share for enterprise SD-WAN equipment by revenue for Q2 2019.More
Preparing your business to harness the power of cybersecurity automation
Discover how cybersecurity automation can help you regain the advantage against modern cybercriminals and bolster your enterprise security posture. More
Sophos launches threat intelligence & analysis platform for developers
Sophos’ cloud-based threat intelligence and analysis platform is now available to those who are building applications.More
Citrix flaw puts 80,000 companies at risk
"Considering the high risk brought by the discovered vulnerability, and how widespread Citrix software is in the business community, we recommend information security professionals take immediate steps to mitigate the threat."More
Companies not utilising threat hunters correctly – study
“Responding to threats is important for security, but it is not the main task of the threat hunter.”More
More stories