What is Cryptomining?

Cryptomining

So what is Cryptomining ? 

This is an emerging cyber threat to businesses where hackers gain access to cryptocurrencies by utilizing a computers’ processing power .

A recent report by Checkpoint Research revealed that 20% of companies are the subject of cryptoming attacks every week and a leading source of malware attacks.

https://www.checkpoint.com/press/2019/cryptominers-hit-10x-more-organizations-than-ransomware-in-2018-but-only-1-in-5-it-pros-aware-of-infections-shows-check-points-2019-security-report/

How is Cryptomining carried out ?

This involves the use of a computers’ processing power to solve very complexed mathematical equations in order to confirm that cryptocurrency transactions are as they should be. As a sign of reward the cryptocurrency provides a specific amount of the cryptocurrency to the user who has verified the transaction the quickest.

The more computers utilized the quicker that it is possible to mine the cryptocurrency in question, this however does generate an enormous amount of actual processing power and bandwidth which in turn requires a great deal of electricity to facilitate this.

Out of the 21 million bitcoins available, 17 million have already been mined leaving just 4 million.

How do Hackers infiltrate the computer system?

  • Hackers can fool a user to download a cryptomining code to their computer system via a phishing attack normally disguised in an e-mail where a link is innocently clicked upon. This will then be activated so that the code can access the computer.
  • An alternative to this is where a user visits a website that contains a code which operates in the background to mine cryptocurrency.
  • Similarly a user could click on an ad pop up where again it operates without the user knowing whilst the code takes advantage of the processing power of the computer.

The principle concern with cryptomining is that these forms of cyber attacks can go undetected for sometime without the user being aware of what is happening to their computer system.

Proactive Risk Management 

When a cryptomining incident has been discovered it is of course too late to do anything about but measures should be put in place to avert a reoccurrence these can include:-

  • Ensure all computer systems are effectively and regularly patched
  • Make regular back-ups are carried out.
  • Improved training of users so that a potential attack can be identified.
  • Implementation of zero day prevention techniques
  • The cloud is a common threat vector for cryptomining and focus should be given on the latest security protection available.

Cyber Insurance

This form of specialist insurance can provide coverage for cryptomining where a business suffers a financial loss arising from this type of cyber attack. Just as important is the vendor services that this policy provides which includes forensic investigation and the use of legal assistance in managing and mitigating this form of cyber attack. 

 

 Image : Shutterstock

The Good,The Bad and the Dark Web

The Dark Web

So what is the Dark Web?

We have all heard of the dark web but it is unlikely that we actually know what it is…..

The Dark Web is part of the world wide web and requires specific software in order for it to be accessed, once this is in place its websites and other services can be readily accessed. Not all sites are visible and can be hidden because they have not been indexed by a search engine and can only be accessed if the precise address of the website is known.

The dark web sits below the “Surface Web” i.e.Google and Yahoo and the “Deep Web” which includes scientific and government reports and subscription-only information.

Certain markets operate within the dark web and are known as “darkest markets”which tend to sell illegal goods such as drugs and firearms, the currency of which is bitcoin where it is difficult to trace the source of the recepient.

Individuals and groups can seek total anonymity as these are generally groups who wish to stay hidden on line from the police and governments.

Let’s go Dark….

This is possible by downloading software such as Tor known as the “Onion Router” where users can be idenitified by the domain name “onion” and focus in providing anonymous access for users. Whilst 12P  the “Invisible Internet Project” permits the anonymous hosting of websites. It is not possible to identify the IP address and track dark net users due to the layered encryption systems that are in place. Intermediate servers are also used which helps in making identification impossible.

The Dark Side 

Hackers exist here to sell their services offering services such as :-

  • Tools for DDoS attacks
  • Fraud services
  • Phishing of websites
  • Scams
  • The recruitment of hackers

The Impact on Cyber Insurance 

The insurance industry focuses on loss prevention and it is important therefore that they are alive to new and developing threats which can in the first instance be discovered on the dark web.

Stolen data can appear in the dark web which can include for example names , addresses, credit card and bank account details rails  and medical records, these will be for sale from various sources.

An innovative step by CFC Underwriting Limited has been launched with RepKnight whereby they offer a dark web monitoring tool called BreachAltert for its policyholders that provides alerts in real time should their data become exposed on the dark web. This can be configured for e-mail domains server IP addresses, employee login credentials and lists of clients and employees. This will enable policyholders to be the first to know if their information has been leaked.

https://www.repknight.com/cfc-underwriting-cyber-policyholders-set-to-benefit-from-free-dark-web-monitoring-in-industry-first/

Image : Shutterstock

How is Cyber Crime Policed ?

cyber crime

How is Cyber Crime policed ?

The emergence of cyber crime in the UK with 53% of all crime relating to this form of criminal activity, the need for this to be addressed has called for the adoption of specialist crime units.

Throughout the UK there now exists Regional Cyber Crime Units (RCCU) which have been set up by the National Crime Agency to help combat and manage the effects of cyber crime.

With cyber criminals becoming increasingly sophisticated the RCCU’s have a very important role to play in our society and the business environment.

What is the role of a RCCU?

They normally consist of two main teams :-

Cybercrime Investigation Team  

This team is involved with investigating all forms of cyber related crime that occur within their designated region

Cyber Protect Team 

Advice on to protect individuals and businesses is provided by this team . This is carried out with input and presentations on cyber crime and cyber security.

Within these teams the following is also provided :-

  • The provision  of law enforcement set up and response
  • Advice on current trends and threats that the RCCU is experiencing

Cyber Briefings

Cyber Briefings are published on a monthly basis and distributed to businesses that provide details of current threats, advise and news.

http://www.zephyrswrocu.org.uk/userfiles/Regional%20Cyber%20Briefing%205th%20June%202017.pdf2.pdf

These areas of activity provide invaluable support to those affected by cyber crime and its prevention.

The RCCU look to work with other ancillary cyber related businesses whether they be cyber security firms, risk managers within the insurance industry and their counterparts in other parts of the world. The exchange of data is invaluable in assessing future cyber risks and offering preventative advice and updated guidelines on cyber threats.

The RCCU’s also work closely with a number of bodies that already are helping raise the awareness of cyber risks and share knowledge of emerging threat vectors such as the following:-

Get Safe Online

https://www.getsafeonline.org/

Cyber Aware

https://www.cyberaware.gov.uk/

Cyber Information Sharing Partnership ( CiSP)

https://www.ncsc.gov.uk/cisp

The challenge that these cyber crime police units face far out weigh the resources that each region has and this represents a stiff challenge with the cyber landscape constantly changing on a daily basis.