Like most groundbreaking inventions, cryptocurrencies bring a moral paradox: while some people consider them a revolutionary tool to make the world a better place, others already use them to fuel their illegal activities. Therefore, it was just a matter of time before this energy-hungry activity became a serious cybersecurity issue.
Today, the world is witnessing an emerging type of cybercrime that is slowly becoming more popular than ransomware attacks – cryptojacking. Should we worry about it or is this just a security fad?
Cryptocurrency Mining vs. Cryptojacking
In order to properly answer this question, we should clarify the current general context. As crypto-mining methods are evolving, new ethical and legal aspects emerge:
A Flame Waiting to Spread Without Control
Just a year ago, the concept of cryptojacking didn’t even exist. Today, we keep reading news about coinjackers deploying more sophisticated methods of infiltrating devices, as they exploit security breaches. Just to get a taste of it, here are some of the most spectacular cases that made the headlines lately:
Cryptojacking is Here to Stay
There are many reasons that seem to back this statement:
How can Organizations Protect Themselves from Cryptojacking?
Cryptojacking brings its own set of headaches through higher energy bills and device degradation, but it also exposes existing vulnerabilities, which could prove to be fatal to your organization’s reputation and business continuity. Make sure you are prepared for the likely upcoming surge of cryptojacking attacks.
Cryptojacking is a high-reward and low-risk cybercrime, at least compared to other types of attacks, which is something that criminals love. And when it comes to choosing the victim, the bigger, the better. Basically, all organizations running unpatched or outdated software on their infrastructure are at serious risk of being targeted. There were several instances of cryptocurrency malware taking advantage of known exploits such as the EternalBlue and DoublePulsar exploits used by WannaCry – aptly dubbed WannaMine. A flaw in Oracle’s WebLogic Server (CVE-2017-10271) has been used to deliver miners onto servers from universities and research institutions.
The least that companies can do is patch their systems: in the above example, Oracle had issued a patch, but it wasn’t installed. Going further, more careful resource monitoring can prevent escalation through early intervention when abnormal CPU usage spikes are identified. Take into consideration that, in order to avoid detection, certain malware is designed to run outside business hours.
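The resource-monitoring check described above can be sketched as follows. This is an added example, not code from Bitdefender: it flags sustained high-CPU plateaus in per-host samples and marks those that fall entirely outside business hours. The threshold, the business-hours window, the run length and the sample data are all assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
from statistics import median

BUSINESS_HOURS = range(8, 18)  # assumption: 08:00-17:59 local time, Mon-Fri
THRESHOLD = 80.0               # assumption: CPU % treated as "high"
MIN_RUN = 6                    # assumption: 6 consecutive 5-minute samples (30 min)

def off_hours(ts):
    """True for weekends and for hours outside the business window."""
    return ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS

def sustained_high_cpu(samples, threshold=THRESHOLD, min_run=MIN_RUN):
    """samples: time-sorted list of (datetime, cpu_percent) for one host.
    Returns one finding per run of >= min_run consecutive high samples,
    so short legitimate bursts (builds, scans) are not reported."""
    findings, run = [], []
    for ts, cpu in samples + [(None, -1.0)]:  # sentinel flushes the last run
        if cpu >= threshold:
            run.append((ts, cpu))
            continue
        if len(run) >= min_run:
            findings.append({
                "start": run[0][0],
                "end": run[-1][0],
                "median_cpu": median(c for _, c in run),
                # Entirely off-hours load is the pattern the article warns about.
                "off_hours": all(off_hours(t) for t, _ in run),
            })
        run = []
    return findings

def build_sample_day():
    """Constructed data: one Monday of 5-minute samples with an overnight
    plateau (01:00-04:55) and a short 15-minute daytime burst at 10:00."""
    start = datetime(2024, 3, 4, 0, 0)
    samples = []
    for i in range(288):
        ts = start + timedelta(minutes=5 * i)
        if 1 <= ts.hour < 5:
            cpu = 96.0
        elif ts.hour == 10 and ts.minute < 15:
            cpu = 91.0
        else:
            cpu = 35.0 if ts.hour in BUSINESS_HOURS else 6.0
        samples.append((ts, cpu))
    return samples

if __name__ == "__main__":
    for finding in sustained_high_cpu(build_sample_day()):
        print(finding)
```

A finding with `off_hours` set is a reason to look at what process was running on the host at that time, not proof of mining on its own; scheduled backups and batch jobs produce the same shape and should be allow-listed.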
On a more complex scale, it is important to prevent and detect cryptojacking file-based and fileless attacks during various stages of the attack lifecycle, both inside the data center and on endpoints. Endpoints are the preferred entry points that very often allow lateral spreading of the malware. Fileless and script-based attacks - such as PowerShell, cmd and wscript - are detected during pre-execution by Bitdefender’s HyperDetect technology, while Process Inspector technology augments these capabilities by jumping in during execution.
To keep data centers from falling victim to highly advanced cryptojacking threats such as WannaMine, Bitdefender offers a powerful prevention technology - Hypervisor Introspection, uniquely capable of defending against zero-day vulnerabilities and advanced threats, whether their purpose is to plant cyberespionage malware or deliver cryptocurrency mining software.
It’s important to prevent and detect cryptojacking file-based and fileless attacks during various stages of the attack lifecycle, both inside the data center and on endpoints. Bitdefender GravityZone Elite provides layered next-generation security that greatly helps with this, while memory protection technology can detect any exploit-enabled delivery mechanisms looking to distribute cryptomining software onto endpoints.