So what is Cryptomining ?
This is an emerging cyber threat to businesses where hackers gain access to cryptocurrencies by utilizing a computers’ processing power .
A recent report by Checkpoint Research revealed that 20% of companies are the subject of cryptoming attacks every week and a leading source of malware attacks.
How is Cryptomining carried out ?
This involves the use of a computers’ processing power to solve very complexed mathematical equations in order to confirm that cryptocurrency transactions are as they should be. As a sign of reward the cryptocurrency provides a specific amount of the cryptocurrency to the user who has verified the transaction the quickest.
The more computers utilized the quicker that it is possible to mine the cryptocurrency in question, this however does generate an enormous amount of actual processing power and bandwidth which in turn requires a great deal of electricity to facilitate this.
Out of the 21 million bitcoins available, 17 million have already been mined leaving just 4 million.
How do Hackers infiltrate the computer system?
- Hackers can fool a user to download a cryptomining code to their computer system via a phishing attack normally disguised in an e-mail where a link is innocently clicked upon. This will then be activated so that the code can access the computer.
- An alternative to this is where a user visits a website that contains a code which operates in the background to mine cryptocurrency.
- Similarly a user could click on an ad pop up where again it operates without the user knowing whilst the code takes advantage of the processing power of the computer.
The principle concern with cryptomining is that these forms of cyber attacks can go undetected for sometime without the user being aware of what is happening to their computer system.
Proactive Risk Management
When a cryptomining incident has been discovered it is of course too late to do anything about but measures should be put in place to avert a reoccurrence these can include:-
- Ensure all computer systems are effectively and regularly patched
- Make regular back-ups are carried out.
- Improved training of users so that a potential attack can be identified.
- Implementation of zero day prevention techniques
- The cloud is a common threat vector for cryptomining and focus should be given on the latest security protection available.
This form of specialist insurance can provide coverage for cryptomining where a business suffers a financial loss arising from this type of cyber attack. Just as important is the vendor services that this policy provides which includes forensic investigation and the use of legal assistance in managing and mitigating this form of cyber attack.
Image : Shutterstock