New Zealand
Story image

How to avoid becoming a cryptojacking victim - Bitglass

14 May 2019
Contributor
Share:

Article by Bitglass CTO Anurag Kahol

Fifty percent of organisations have malware in at least one of their cloud applications according to a report published by Bitglass. 

Cloud cryptojacking has become the biggest cybersecurity threat facing businesses, especially enterprise-level organisations. 

What is cryptojacking?

The term ‘cryptojacking’ refers to the unauthorised use of a third party’s computing resources to mine cryptocurrency. 

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum, so it is unsurprising that hackers are targeting vulnerable data centres to help them boost their capabilities.

Cloud-based resources, and in particular infrastructure-as-a-service (IaaS) platforms, are main targets for this activity as they offer virtually infinite resources and tremendous processing power, as well as an environment where attackers can largely go undetected. 

The methodology used to obtain the right accesses for cryptojacking are not dissimilar to other cyber threats like ransomware. 

Often it will be via phishing emails that load cryptomining code, or via a website that has been infected with a specific JavaScript code that will auto-execute when loaded. 

This particular method often goes undetected by the victim for a long time as it runs silently in the background.

The most often cited case of cryptojacking took place in 2018 when Tesla fell victim to an attack. 

The automotive company discovered that some of its Amazon Web Services (AWS)  infrastructure was being appropriated for mining. 

The attack had been concealed from conventional firewalls and intruder detection systems as the cybercriminals had hidden the IP addresses of their mining programs behind a content delivery network; they had also throttled the mining software to ensure that it did not trigger high-usage-detection systems.

Here are five tips to secure infrastructure against cryptojacking:

1. Employee awareness
Employees are every organisation’s first line of defence, so make sure they are equipped with the right tools and training to be an effective part of the security strategy. 
Employees that are well versed in the company’s cybersecurity policies are less likely to fall victim to an attack. 
Teach them what to look for and what to avoid - focus on the threat of phishing attacks. 

2. Deploy the extensions
As mentioned earlier, one method cybercriminals use is to lace websites with auto-executing cryptojacking scripts. 
All employees should deploy ad-blocking and anti-cryptomining extensions on web browsers to avoid downloading this type of code from websites. 

3. Passwords and multi-factor authentication (MFA)
MFA and strong passwords should be in place for all cloud apps and IT assets. 
The attackers who compromised Tesla’s environment went through an administration console that was not password protected. 
Passwords should, as a minimum, include a mixture of alphanumeric credentials, and enforcing multi-factor authentication are must-haves for ensuring the protection of sensitive enterprise assets. 

4. Updates are not an option
Patches and software updates are regularly released by all security vendors – these are not optional.
Promptly install them to ensure endpoints and cloud-based tools have their security gaps filled, protecting them from the latest threats.  

5. Securing personal devices  
With BYOD becoming more common among businesses, securing personal devices is a must. 
This is most effectively achieved through an agentless solution, as tools like mobile device management (MDM) can harm device functionality, invade user privacy, and, consequently, prove incredibly difficult to deploy on employees’ personal devices.

Related stories:
Phishing URLs grew by 640% last year - report
Cloud security planning – here’s to a safer future
New report reveals 'wall of shame' in health care data breaches
Check Point report highlights latest cyber-threats worldwide
Bitglass report finds 66% of companies omit key security tool
Are Fortune 500 companies failing at cyber security? 
Dig deeper:
Story image
Unisys launches latest version of its Stealth security software
The updated software provides protection for data in container and Kubernetes environments, with the aim of improving data centre security, Unisys says.More
Story image
New report reveals 'wall of shame' in health care data breaches
More than 27 million individuals were affected by breaches of protected health information, according to Bitglass. More
Story image
Google expands Titan security keys across parts of EU & Asia
Google’s Titan security key bundle was launched late last year. It includes USB-A/NFC/BLE keys that can act as a second form of authentication as part of a two-factor authentication process.More
Story image
DDoS attacks on the rise, with more hitting victims on Sunday
Kaspersky research has found that DDoS attacks have almost doubled in Q4 2019 with roughly 28% of attacks occurring on the weekend.More
Story image
Veeam announces new executive on heels of suite launch
The appointment comes as the company launches its latest data protection software suite.  More
Download image
The cloud skills gap is biting: How organisations can bite back
71% of IT decision makers say their firms have lost revenue due to a lack of cloud expertise.More
Story image
Unisys launches latest version of its Stealth security software
The updated software provides protection for data in container and Kubernetes environments, with the aim of improving data centre security, Unisys says.More
Story image
New report reveals 'wall of shame' in health care data breaches
More than 27 million individuals were affected by breaches of protected health information, according to Bitglass. More
Story image
Google expands Titan security keys across parts of EU & Asia
Google’s Titan security key bundle was launched late last year. It includes USB-A/NFC/BLE keys that can act as a second form of authentication as part of a two-factor authentication process.More
Story image
DDoS attacks on the rise, with more hitting victims on Sunday
Kaspersky research has found that DDoS attacks have almost doubled in Q4 2019 with roughly 28% of attacks occurring on the weekend.More
Story image
Veeam announces new executive on heels of suite launch
The appointment comes as the company launches its latest data protection software suite.  More
Download image
The cloud skills gap is biting: How organisations can bite back
71% of IT decision makers say their firms have lost revenue due to a lack of cloud expertise.More
Link image
Fortinet: Attackers doubling down on CMS and web infrastructure attacks
Fortinet: Attackers doubling down on CMS and web infrastructure attacks Fortinet’s latest quarterly threat report highlights the summer antics in the threat landscape and which areas bad actors are targeting. More
Story image
Digital Guardian launches new security solution to bolster data protection
In the absence of skilled talent to employ in-house, organisations are increasingly steering towards adopting managed cybersecurity services. More
Download image
App infrastructure showing its age? It's time for a revamp.
App modernisation isn’t just about ROI — it’s about architecting for your future.More
Story image
Veeam launch of new data protection suite 'biggest ever'
"This is the biggest release in the history of Veeam, creating the simplest solution for hybrid-cloud environments.”More
Story image
IT leaders fear data breaches are an 'inside job'
"Bizarrely, IT leaders have not adopted new strategies or technologies to mitigate the risk."More
Story image
IBM report projects evolution of phishing, ransomware and spoof tech
"The amount of exposed records that we're seeing today means that cybercriminals are getting their hands on more keys to our homes and businesses.”More
Story image
Fortinet cyber threat report paints bleak picture
The report reveals cybercriminals are maximising global economic and political realities to further enable their goal.More
Download image
Real malware attacks put Juniper Networks to the test
ESG decided to use malware attacks to evaluate market solutions like Juniper Networks’ automated threat detection and remediation.More
Story image
'Risky behaviour' observed in IT security pros and individuals - survey
The report found expectation and reality are often misaligned when it comes to the implementation of desirable security solutions. More
Download image
The simple formula for security: Simplify and automate.
Discover how cybersecurity automation can help you regain the advantage against modern cybercriminals and bolster your enterprise security posture.More
Story image
A cloud-first approach starts with security
Cloud-first means that an organisation first seeks to deliver applications and services from a cloud computing platform before considering any on-premise alternatives. More
Story image
FIDO: The word that could defeat phishing attacks once and for all
Attackers know that sometimes they don’t need to attack the technology – they just need to attack people instead.More
Story image
HP seeks to 'raise the bar' for security in the printer industry
"This is an important step in driving more stringent industry standards for IoT devices, like printers, and pushing our industry to a higher standard."More
Story image
NZ credit bureau Centrix co-develops fraud detection service
The service has been put through a robust Privacy Impact Assessment and it was developed in accordance with New Zealand’s current privacy legislation.More
Story image
Revealed: The countries with the worst internet freedom
The findings are in and the countries with the worst record for internet censorship have been revealed. More
Story image
BlackBerry Cylance: Latest report reveals global attack surface expansion
"New techniques to obscure malicious payloads and distribute attacks across multiple organisations paid off for threat actors in 2019."More
Story image
Telco Security Alliance strives to develop threat detection
“This initiative already proved valuable to AT&T’s visibility into current threats, and as we continue to work together, our focus is on utilising this relationship to deliver better threat intelligence to our customers.”More
Link image
Tips to make your digital workspace more secure with MFA
Digital workspaces are the norm for a mobile workforce – RSA explains how you can protect all users and devices.More
Download image
Investing in DevSecOps or cloud? Read this first
A definitive guide to navigating your cloud journey to ensure efficiency and best practices for your business.More
Story image
Vectra AI expands APAC leadership team with new security head
Cybersecurity firm Vectra AI has announced the expansion of its Asia Pacific leadership team with the appointment of Chris Fisher as head of security engineering.More
Download image
Back to basics: Data centre security and next-gen firewalls
The ability to offer IPSec VPNs to encrypt data between sites or to individuals is also an imperative function of a firewall.More
Security professionals over-confident in security products
Security professionals are over-confident when it comes to effectiveness of their security products, according to a new survey released by Keysight. More
What organisations must demand from security technology in 2020
Gone are the days when organisations needed to choose best-of-breed point solutions to secure each individual aspect of the network.More
ExtraHop announces IoT adoption suite
These latest enhancements extend Reveal(x) capabilities to the enterprise IoT device edge, according to the company.More
Want $10,000? Unisys tempts hackers at San Francisco event
Participants will try to compromise a target system protected by Stealth, Unisys’ encrypted, identity-based microsegmentation solution.More
McAfee announces new acquisition as it moves toward browser isolation
The acquisition of Light Point Securitywill supplement McAfee’s existing inbound and outbound protection for all web and cloud traffic, according to McAffee.More
Phishing URLs grew by 640% last year - report
“In the cybersecurity industry the only certainty is that there is no certainty, and there is no single silver bullet solution.”More
New Azure and AWS integration announced amid increasing cyber threats
FireMon says the integration of the two cloud giants will help match the pace needed to protect systems from ongoing and increasing cyber threats and data breaches.More
Real IT security challenges from cybersecurity experts
“You determine the level of response automation, and you can ratchet it up over time."More
Dell Technologies sells RSA for US$2 billion
Clarke reveals that RSA and Dell Technologies developed different strategies to meet different business needs with different go-to-market models. More
Cloud security planning – here’s to a safer future
Discussion is likely to focus on cloud security, with IT professionals asking themselves: How did we cope with the threat situation last year?More
Malware targeting IoT devices skyrockets as transactions rise 1,500%
According to the report, Zscaler customers are generating more than 1 billion IoT transactions per month in the Zscaler cloud.More
Claroty reveals DoS vulnerability in Siemens protocol
The security breach represents the same protocol that was exploited by the Industroyer malware which attacked a Ukrainian power grid in 2016. More
Undetectable and inescapable: the secrets of APT cyber threats
Advanced persistent threats are attacks capable of breaching data infrastructure through continuous targeting.More
McAfee introduces security solution aimed at simplifying SASE adoption
McAfee Unified Cloud Edge was designed with a cloud-first mindset to simplify the implementation of SASE.More
Microsoft NZ rolls out free AccountGuard service ahead of general election
Microsoft’s AccountGuard service aims to strengthen cybersecurity for those campaigning for the election, or for government organisations involved in political education or analysis.More
Mobile malware and exploitation amongst biggest cyber threats for 2020
There will be an increase in mobile malware and cybercriminal groups exploiting mobile devices in the Asia Pacific region in 2020, according to new research from Kaspersky. More
Auldhouse named sole Oracle-approved training partner
Adds to its wide ranging portfolio of cloud vendors, being named Oracle’s only Authorised Education Partner.More
The real winner of 2019? Ransomware
Trend Micro discovered a 10% increase in ransomware detections, despite a 57% decrease in the number of new ransomware families. More
More stories