Thanks to the huge and lucrative growth of cryptocurrencies such as bitcoin, a new cyber threat has emerged: cryptojacking. The main purpose of this hack is not to steal data but to steal computing power.
Cryptocurrency relies on a digital distributed ledger known as a blockchain to keep transactions secure, anonymous and free of requirements and scrutiny by third parties such as governments and banks. Generating cryptocurrency — a process known as ‘mining’ — requires an enormous and expensive amount of computing power. In order to cash in, enterprising hackers are now taking advantage of vulnerabilities that allow them to hijack CPUs, from personal laptops and smartphones to industrial computers, in order to run their mining operations on the largest scale possible.
This month alone, several incidents have highlighted the threat.
Cybersecurity company Radiflow announced that it had discovered a cryptocurrency malware attack on the network of a critical infrastructure operator. The malware diverted CPU power from the normal and necessary functions of a water utility in Europe to a mining operation for the cryptocurrency Monero.
In a recent discussion of this topic on the radio program Science Friday, Dan Goodin, security editor for Ars Technica, explained that nearly 4,300 hijacked sites fed malicious code to any computers visiting one of those sites, allowing hackers to use those computers to mine Monero. The affected websites included a number of government sites in the U.S., the U.K. and worldwide.
BBC News reported that Russian nuclear scientists working at a top-secret nuclear warhead facility were arrested for a plot to use that facility’s supercomputer to mine bitcoin.
Even a company as sophisticated as Tesla is not immune. Wired recently reported an attack on the company’s public cloud server that happened last month.
In each of these cases, the cryptojacking was detected and addressed quickly, but the risks are still great. “Cryptocurrency malware attacks involve extremely high CPU processing and network bandwidth consumption, which can threaten the stability and availability of the physical processes of a critical infrastructure operator,” said Yehonatan Kfir, CTO at Radiflow.
Radiflow CEO Ilan Barda expects these attacks to continue, and expects that those responsible for security will have to keep up. "This case emphasizes the need for a holistic cybersecurity solution for OT networks, including access control, intrusion detection and analytics services with the relevant expertise," Barda advised.
Goodin explained that this type of computer hijacking affects individuals by putting a strain on their affected computers or smartphones and by stealing energy, either by draining the battery or by surreptitiously using their electricity. To protect your devices, he suggested always installing operating system and browser updates as they become available. He noted that many anti-virus programs are starting to detect and warn users when the browser is trying to mine cryptocurrency. Lastly, he advised that ad blockers can also add protection from these threats.