Has Your Cloud Been Cryptojacked? - American Technology Consulting



Nick Reddin

Published October 2, 2019


If you aren’t familiar with cryptojacking, you are not alone. Most people aren’t, and that is one of the reasons it is thriving. The hackers behind it are doing everything they can to keep it hidden so that it doesn’t become a major focus for a company’s security efforts.

What is Cryptojacking?

Cryptojacking is just what it sounds like: a hacker hijacking your cloud instance and using its power to mine cryptocurrency. The most popular cryptocurrency mined through this form of hacking is Monero.

"Cryptojacking had a 35 percent share of all web threats, and that is honestly absolutely insane." —Tyler Moffitt, Webroot 


This form of hacking is currently the fastest-growing threat to the enterprise cloud. That said, it is just one area that needs attention, as a recent report showed that almost half of all organizations have some form of malware in their cloud applications in 2019. This, of course, is a major threat to the security and infrastructure of any organization using the cloud. It also applies to any organization looking to move to the cloud.

Who is a Target for Cryptojacking?

The biggest targets for cryptojacking are data centers and Infrastructure as a Service (IaaS) platforms due to the amount of processing power that can be tapped into. The typical way that these hackers gain access is through phishing campaigns or infected websites with JavaScript that auto-executes in the victim’s browser. The hackers then seek to operate undetected for as long as possible by varying their timing and usage of the compromised systems. Their goal is to stay in as long as possible with their code running in the background mining away for them. This form of hacking can net these hackers millions in cryptocurrency.

While you may think this type of attack is only happening to smaller, less secure, or poorly resourced companies, you would be wrong. It is happening to companies of all sizes and some that may surprise you, including Tesla, CapitalOne, and British insurer Aviva. The only slowdown seen in cryptojacking has been due to the fluctuating prices of cryptocurrencies. Despite that, cryptomining is still replacing ransomware as the biggest threat out there.

How Do You Protect Yourself from the Invasion?

So the natural question is: how can you lock down your environment and protect your organization from this? And how can you find out if it is currently happening? One of the biggest points of entry for all security breaches is employees. Constant and repetitive security and awareness training is needed to help keep employees up to date on all types of threats and reduce their potential impact. Along with that, governance around multi-factor authentication and the use of strong passwords are recommended remedial strategies that go very far in protecting your cloud.

From the technology side, you need to ensure that patches and updates are installed quickly and that there is a Service Level Agreement (SLA) put around this to ensure it’s monitored and done. Also, deploying cloud-based Advanced Threat Detection (ATP) can root out current issues and defend against coming malware threats. Blocking all mining sites and using ad blocker software will also help, along with network monitoring.

Paying attention to outside threats is important, but there needs to be the same level of vigilance for potential internal threats, as CapitalOne found out.

By now most have heard the story of Paige Thompson, a former Amazon engineer who was indicted on multiple counts of wire fraud and computer fraud. It's alleged that she not only stole data but also mined cryptocurrency after infiltrating the cloud servers of CapitalOne and 30 other companies. Internal policies need to be as strong as external ones, with proper governance and accountability built in.

If you need help with your cloud migration or initial implementation, ATC can help.

Our cloud practice can help secure and maintain all of your data and help put proper governance in place to protect it. We also offer cloud optimization services to make sure your cloud instance was properly set up and is being properly utilized to get the benefits, flexibility and savings that the cloud offers.
