What is Cryptomining?

Cryptomining

So what is Cryptomining ? 

This is an emerging cyber threat to businesses where hackers gain access to cryptocurrencies by utilizing a computers’ processing power .

A recent report by Checkpoint Research revealed that 20% of companies are the subject of cryptoming attacks every week and a leading source of malware attacks.

https://www.checkpoint.com/press/2019/cryptominers-hit-10x-more-organizations-than-ransomware-in-2018-but-only-1-in-5-it-pros-aware-of-infections-shows-check-points-2019-security-report/

How is Cryptomining carried out ?

This involves the use of a computers’ processing power to solve very complexed mathematical equations in order to confirm that cryptocurrency transactions are as they should be. As a sign of reward the cryptocurrency provides a specific amount of the cryptocurrency to the user who has verified the transaction the quickest.

The more computers utilized the quicker that it is possible to mine the cryptocurrency in question, this however does generate an enormous amount of actual processing power and bandwidth which in turn requires a great deal of electricity to facilitate this.

Out of the 21 million bitcoins available, 17 million have already been mined leaving just 4 million.

How do Hackers infiltrate the computer system?

  • Hackers can fool a user to download a cryptomining code to their computer system via a phishing attack normally disguised in an e-mail where a link is innocently clicked upon. This will then be activated so that the code can access the computer.
  • An alternative to this is where a user visits a website that contains a code which operates in the background to mine cryptocurrency.
  • Similarly a user could click on an ad pop up where again it operates without the user knowing whilst the code takes advantage of the processing power of the computer.

The principle concern with cryptomining is that these forms of cyber attacks can go undetected for sometime without the user being aware of what is happening to their computer system.

Proactive Risk Management 

When a cryptomining incident has been discovered it is of course too late to do anything about but measures should be put in place to avert a reoccurrence these can include:-

  • Ensure all computer systems are effectively and regularly patched
  • Make regular back-ups are carried out.
  • Improved training of users so that a potential attack can be identified.
  • Implementation of zero day prevention techniques
  • The cloud is a common threat vector for cryptomining and focus should be given on the latest security protection available.

Cyber Insurance

This form of specialist insurance can provide coverage for cryptomining where a business suffers a financial loss arising from this type of cyber attack. Just as important is the vendor services that this policy provides which includes forensic investigation and the use of legal assistance in managing and mitigating this form of cyber attack. 

 

 Image : Shutterstock

The “Cyber Monday Morning” Feeling…

Cyber Monday

The “Cyber Monday Morning” Feeling..

This year Cyber Monday falls on 28th November, traditionally preceding “Black Friday” which occurs on the 25th November …. it is likely that consumers will have that “Cyber Monday Morning Feeling” ….. keen to make purchases on-line for loved ones that maybe they failed to grab on the Friday.

Cyber Monday represents one of the busiest on-line purchasing days of the year in both the UK and US. Last year according to figures from Experian and IMRG , Cyber Monday was worth £968M to on-line retailers which represented an increase of 34% on the previous year. A further increase is expected this year…. a factor that might influence this is that consumers in the UK experienced issues with crowds and traffic problems and consumers may prefer to shop from the comfort of their own home or office.

The spike in on-line shopping activity on this day does not go unnoticed by the cyber criminals and it is one of the days of the year where consumers may be most vulnerable to scams and fraud.

Keen to grab a deal that may be too good to be true, consumers could be fooled into making purchases without looking too carefully at the website that may not in reality exist or the e-mail that has been sent to them with a special one off deal that day. As a result of this lapse in concentration  cyber criminals can take advantage of this which could lead to them gaining access to personal details such as bank account details, full names & addresses and national insurance numbers.

Not only are there dangers for consumers but businesses will also be a target for cyber criminals who will be shopping for Christmas..!

Here are some cyber security measures that should be focused upon  :-

1.Updating your Software

Whatever device you are using whether it be a smartphone , tablet or desktop it is important that the software is up to date as this helps protect these devices from new viruses and malware that could lead to data being compromised.

2.A Strong Password

The most common password remains 123456 and it is sad reflection that people do not fully realize the dangers that this poses.There are various schools of thought on what makes a good password, CyberAware, the government sponsored website provides some good advice on this.

https://www.cyberaware.gov.uk/software-updates

3.Privacy Settings

Checking of privacy settings on social media to ensure that you only wish to share personal information with persons that you know and are happy to share this with them.

4.Internet Settings

When shopping  on-line ensure that on-line retail sites are secure and that they are what they perceive to be.

5.Human Error

An inadvertent error in pressing the wrong button on a computer or smart phone  could lead to data or information being sent to the incorrect destination causing disclosure of this to a third party or hacker that may use this for ill gains.

To reinforce this there are two excellent websites to guide individuals and businesses on how best to protect their privacy and data :-

CyberStreetwise 

This is a government sponsored initiative that was launched in 2014 to encourage behavioural changes in individuals and the SME business sector in terms of adopting a good cyber security posture.

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/273330/cyber_streetwise_open_for_business.pdf

Get Safe Online

This website provides advice on how individuals and businesses can protect themselves from on-line issues such as fraud , identity theft and virus attacks.  Guidance is also provided on associated subjects relating to good housekeeping of computers and mobile devices.

https://www.getsafeonline.org/about-us/

Cyber Insurance 

For all the cyber security procedures and practices that may be in place Cyber Insurance can provide that “top layer”of coverage as part of the cyber risk management program should there be a compromise of computer systems that results in a data breach or being a victim of cybercrime.

Image : Shutterstock