We're all familiar with the threats of computer breaches and website crashes. But in recent months another, perhaps even more troubling, reason to keep a close eye on your company computer system and website has appeared: cryptojacking.
Cryptojacking is related to cryptocurrency and bitcoin mining. The latter is an online verification process involving complicated algorithms that result in bitcoin transactions being verified and added to the public ledger (blockchain). The result is the release of new bitcoins. Successful miners earn bitcoins and transaction fees.
—Nate Flanders, co-founder and CEO, Mandala
Anyone with access to the internet and the necessary computer hardware can mine bitcoin, which is akin to digital gold mining. This includes cybercriminals, who use cryptojacking techniques to infiltrate computer systems and use them to mine.
How Cryptojacking Works
"In layman's terms, cryptojacking occurs when someone illegally uses another person's computer to mine cryptocurrency," says Hermann Finnbjörnsson, CEO of Svandis, a fintech platform for market analysts and investors in the crypto space.
“Cryptojacking can be a hacker's dream and a user's nightmare, because the user generally isn't aware his or her computer has been infected," continues Finnbjörnsson. “Once a hacker finds a vulnerability and enters a system, such as with a virus in the form of a pop-up advertisement [malvertising] or corrupt email, and the user clicks on the material, it's already too late."
Another way cryptojackers may get in is through improperly programmed apps with poor security.
A planted background script running on your website “literally hijacks your CPU [central processing unit] for the purposes of mining cryptocurrency for however long you visit a particular website," according to Nate Flanders, co-founder and CEO of Mandala, a cryptocurrency trading platform.
“Individuals using cryptojacking are able to harness the power of website users around the world, if only briefly, to increase their probability of receiving a cryptocurrency block reward at no personal cost," says Flanders. “The more power a miner is able to direct at a blockchain, the more likely the person is to find the blockchain rewards. That means that this form of mining can incur massive electrical expenses, as well as hardware wear and tear."
“In its truest form, cryptojacking simply steals electricity," says Ian Eyberg, security expert and CEO of NanoVMs. His company features a platform that prevents cryptojacking.
“However, the damage inflicted to a company with cryptojacking is much more than monetary," says Eyberg. “There can be a negative effect on your company's reputation."
That's because if your company computer system has a vulnerability that allows malicious users to perform cryptojacking, then similar vulnerabilities within your system could potentially be used to access sensitive customer information.
Signs and Symptoms of Cryptojacking
In order to spot cryptojacking at your company, it helps to understand that attacks can come in three forms. According to Eyberg, cryptojacking can affect your company's desktop computer network, website or server.
Increased complaints to your company's computer help desk may indicate possible cryptojacking.
“Employees flocking to the help center complaining of underperforming computers and slow processing issues should be taken as a sign that the system has been infiltrated," says Finnbjörnsson. “Mining currency uses a significant amount of energy, and this can cause a ripple effect in a business that also relies on internet."
Another potential sign is if your browser functions differently than usual, and if you see suspicious content.
“To spot an issue, watch the CPU," says Eyberg. “Do you hear a fan going? Is the site taking over 60 percent of the CPU? That can be an indication of cryptojacking. Your IT specialist will probably be able to help confirm this."
Cryptojacking can also attack your server. This will result in higher cloud bills, according to Eyberg.
“If your cloud bills have spiked recently, find out why," he says.
Protecting Against Cryptojacking
There are several steps you can take to protect against cryptojacking. These include running up-to-date antivirus programs and installing protection software. The latter programs also often check for malicious software and can identify it and block it.
Software updates may also help block cryptojacking. And browser add-ons designed to block mining scripts can reduce cryptojacking by embedding code against it in websites.
“All businesses should adhere to cybersecurity best practices, proper security protocols, password management and regular updates," says Flanders. “Code reviews and regularly visiting a website while monitoring the resource demand on a computer are additional measures that organizations can take to protect their users and their reputations."
If you suspect that illegal mining activity is occurring, immediately exit the website or platform you're using and avoid it, advises Finnbjörnsson.
“Once the program is closed, the hacker will not be able to infiltrate your computer," he says. "If you experienced this on a browser add-on or mobile application, it's best to uninstall the software and delete it completely from the device."
“If you suspect or discover that your company website has been infected with a cryptojacking script, wipe the website information from the host, reinstall and tighten security," says Flanders. “If you suspect that the website host has been compromised, contact support immediately and consider switching services."
Read more articles on cybersecurity.