Crypto-jacking is one of the latest fads in cyber crime. As opposed to a cyber-criminal locking up your files and waiting for you to meet their ransom demands, they are simply stealing the CPU cycles of your computer to mine for crypto-currency around the world. Why would they do this? They do this because where they may have has a 2% chance after reaching your computer of having you execute the code to lock up your files and then pay the ransom demands, they can get 100% of the infected computers to go to work for them immediately with crypto-jacking. What’s even better for them is that standard endpoint detection tools will likely not notice the infiltration for a long time (if at all) so your computer will just keep working and working for the cyber-criminal until they get caught.
How does this happen? It may start with a standard phishing email much like ransomware except that after you click on the link or attachment, “nothing happens”. From an end user point of view, the attack “didn’t work” as there were no pop ups about a virus and nobody from IT came running over to tell them to shut down their machine. The reality however is that the malicious code is now running in the background of your machine and is gearing up to steal your CPU cycles to make the cyber-criminals rich. All you may notice is some performance degradation which might not be unlike any other day. Another way they can attack you is by injecting code into websites that you browse. While you are on the site, the malicious code will run in the background, again stealing your computers CPU cycles for their own mining purposes. This is even harder to detect as nothing is actually even installed or executing on your computer.
While it all sounds very daunting, there are some things you can do to protect yourself:
- Make sure that crypto-jacking is one of the topics in your employee security awareness training.
- Keep your web filtering systems up to date.
- Ensure that any devices that connect to your network (particularly BYOD devices) are subject to web filtering policies even when they are not connected to your network.
- Employ newer next generation end point technologies that can detect this type of malicious behavior even when a current “signature” does not exist for it.
If you follow the above guidelines, you will be able to stave of many of the crypto-jacking attempts against your organization. Overall, a comprehensive multi-layered approach to your organization’s cyber security program is essential to the success of your business.