If you aren’t familiar with cryptojacking, you are not alone. Most people aren’t, and that is one of the reasons it is thriving. The hackers behind it do everything they can to keep it hidden so that it doesn’t become a major focus of a company’s security efforts.
What is Cryptojacking?
Cryptojacking is just what it sounds like: a hacker hijacks your cloud instance and uses its computing power to mine cryptocurrency. The cryptocurrency most often mined through this form of hacking is Monero.
"Cryptojacking had a 35 percent share of all web threats, and that is honestly absolutely insane." —Tyler Moffitt, Webroot
This form of hacking is currently the fastest-growing threat to the enterprise cloud. That said, it is just one area that needs attention: a recent report showed that almost half of all organizations had some form of malware in their cloud applications in 2019. This, of course, is a major threat to the security and infrastructure of any organization using the cloud. It also applies to any organization looking to move to the cloud.
Who is a Target for Cryptojacking?
While you may think this type of attack only happens to smaller, less secure, or poorly resourced companies, you would be wrong. It is happening to companies of all sizes, including some that may surprise you, such as Tesla, Capital One, and British insurer Aviva. The only slowdown seen in cryptojacking has been due to the fluctuating prices of cryptocurrencies. Despite that, cryptomining is still replacing ransomware as the biggest threat out there.
How Do You Protect Yourself from the Invasion?
So the natural question is: how can you lock down your environment and keep this from happening to your organization? And how can you find out whether it is happening right now? One of the biggest points of entry for all security breaches is employees. Regular, repeated security awareness training is needed to keep employees up to date on all types of threats and reduce their potential impact. Along with that, governance around multi-factor authentication and the use of strong passwords are recommended remedial strategies that go very far in protecting your cloud.
From the technology side, you need to ensure that patches and updates are installed quickly, and put a Service Level Agreement (SLA) around patching so that it is monitored and actually done. Also, deploying cloud-based Advanced Threat Detection (ATP) can root out current issues and defend against coming malware threats. Blocking all mining sites and using ad-blocking software will also help, as will network monitoring.
Paying attention to outside threats is important, but there needs to be the same level of vigilance for potential internal threats, as Capital One found out.
By now most have heard the story of Paige Thompson, a former Amazon engineer who was indicted on multiple counts of wire fraud and computer fraud. It's alleged that she not only stole data but also mined cryptocurrency after infiltrating the cloud servers of Capital One and 30 other companies. Internal policies need to be as strong as external ones, with proper governance and accountability built in.
Our cloud practice can help secure and maintain all of your data and help put proper governance in place to protect it. We also offer cloud optimization services to make sure your cloud instance was properly set up and is being properly utilized to get the benefits, flexibility and savings that the cloud offers.