Cryptojacking is the unauthorised use of someone else’s computer to mine cryptocurrencies. Such cyber-attacks take a toll on a business’ productivity and cause system outages, as well as increase operating costs for the organisation
It has only been a few months since cryptojacking was inducted into the class of cyber threats, but the pace at which the number of attacks has grown is alarming.
Cryptojacking has become a ubiquitous threat, with hackers around the world targeting a diverse array of victims, from individual consumers to large businesses and organisations. To begin with, one must understand what the threat is and how it impacts their systems.
How to find out if your systems are cryptojacked?
Cryptojacking and other forms of cyber-attacks can not only take a toll on a business’ productivity and cause system outages but end up increasing operating costs for the organisation.
Hence, it becomes extremely important for any business, whether big or small, to have a strong cybersecurity strategy in place to deal with such threats.
However, in the case of cryptojacking, the biggest dilemma for businesses is that these attacks are usually undetectable. Since hackers look to exploit the systems’ computing power, a server overload could be a potential indicator.
Often hackers, in order to avoid detection, may activate malicious code during periods when the servers are running at much lower capacity than usual, such as after work hours, or on off days. As a result, users’ computers may run slower and browsers will tend to slow down when your business network is being hijacked for cryptomining activities.
In addition, employees and other guests connected to your organisation’s internal network or sharing an internet connection could see the battery life of their devices get shorter. Overheating is common in both mobile and larger devices, while infected desktops and laptops also have their fans operating at maximum capacity.
The organisation could also analyse how much computing power is being used and monitor the servers for spikes or unexplained rises in power consumption that occur at a steady rate, although these are indicators that are not easy to track.
Most of these signals, while subtle, may collectively necessitate a thorough check-up of your networks and systems, along with the installation of adequate security measures to prevent further damage, and protect your business against future attacks.
Protecting your business from cryptojacking
Even though you may think that the security measures on your network are sufficient, they could still be vulnerable to cryptojacking. The modern cyber threat landscape is such that investing heavily towards security is not just necessary, but mandatory for businesses to protect their data and commercial interests.
At the same time, it is advisable to provide regular security awareness training to employees to warn them against cyber threats and apprise them about the latest trends. These efforts can help in minimising the security risks that your business faces.
In order to protect their networks against cryptojacking, businesses should deploy security solutions that provide such features as:
> Deploy Endpoint Security: An advanced Endpoint Security solution with robust features like behaviour based detection and anti-virus can protect your endpoints from the threat of cryptojacking.
> Web Filtering: Web filtering tools can be customised to ensure the suspicious websites are blocked on your business network to prevent users from accessing them. Moreover, updating your web filtering tools regularly ensures that they recognise the latest threats and fight them.
> Network Monitoring: A network monitoring tool can be deployed to detect large surges in processor activity, which is a common indicator of a device being cryptojacked. Such a tool will then aid network administrators to monitor the data for anomalies.
> Mobile Device Management (MDM): Mobile phones are also commonly targeted by cryptojackers, and those being used for business purposes can pose a threat to the security of data. Hence, deploying a strong Mobile Device Management (MDM) solution can be particularly helpful in preventing the hijacking of devices by cryptomining programs.
It is also recommended that businesses work towards ensuring that their own website is not infected with a cryptojacking script.
In recent times, many websites offered on open source platforms have been compromised with cryptojacking attacks. Businesses need to validate that their service provider is not affected with any such vulnerabilities and follow basic security hygiene like patching of latest security updates and deploying a web security solution for the safety of their website visitors.
Guarding your systems and your business against crypto mining involves deploying enterprise security and IT teams to keep a close watch on endpoint and server activities. Constant testing of systems, employing regular patches and updates, using security solutions with advanced protection features, etc. are a few additional recommended measures.(The author is Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited)