Cryptojacking Attacks Growing in Popularity According to Symantec

We’ve written about cryptojacking and how to stay safe from these attacks, but people don’t seem to learn. When the news dropped about Tesla’s cryptojacking, it was clear that the problem was user based. Symantec’s recent Internet Security Threat Report goes into detail about the growing problem of cryptojacking.

The growing cryptocurrency problem

Bitcoin has been a topic of discussion across the business world. Both people who know blockchain and people who know the stock market have a love-hate relationship with Bitcoin. Today (it’ll likely be different tomorrow), Bitcoin is sitting around $6,000. This is up from almost nothing a few years ago, and down from almost $20,000 a few months ago.

Regardless of its success or failure, Bitcoin is huge, and people are obsessed with it. Recent ransomware attacks have asked for Bitcoin as payment. These attacks are targeting hospitals, cities, major airlines, etc.

Cryptojacking explained

Cryptojacking is another method that hackers/crypto miners use to obtain Bitcoin and other cryptocurrencies. This is done by taking over a cloud platform. Cloud platforms have tremendous amounts of computing power, enough to mine Bitcoin. Symantec says that Bitcoin is incredibly difficult to mine on a home computer.

According to Symantec’s research, “Coinminers made up 24 percent of all web attacks blocked in December 2017, and 16 percent of web attacks blocked in the last three months.”

Symantec points out that this is a less disruptive way for cybercriminals to make money. The victims don’t notice immediately, which was the case for Tesla and other companies.

Tesla’s attack was highly preventable, as was the case for other victims. Tesla didn’t believe having a password on their Kubernetes administration console was necessary, for some reason. Through this, crypto miners were able to infiltrate their AWS account to mine cryptocurrency using the cloud’s computing power. Cloud security is essential to maintaining the safety of your enterprise’s information, and obviously, that starts with having a password.

Constant monitoring

These attacks can go on for months at a time without anyone noticing. Enterprises are apparently overlooking the importance of monitoring. The biggest flaw in DevOps is the lack of built-in security. Faster development and release schedules are great, but not if you don’t notice (or care about) major vulnerabilities (like having no password).

IT professionals must invest in DevSecOps going forward. DevOps needs security built in going forward. Cloud security needs to be a priority. These platforms don’t necessarily take care of themselves. Network monitoring solutions can help you discover normal user behavior, and it can recognize when someone is using a large amount of computing power to crypto mine. Hackers are coming through the cloud, IoT devices, and any other vulnerability, monitoring is more important than ever.

Our free network monitoring buyer’s guide can help you find the solution that will keep your company safe.

Container and cloud security

Having less security is never the right call. Sometimes development teams don’t necessarily want security built in as their working, but they need it. Catching vulnerabilities in your build environment are essential to releasing the best product possible. My recent container security article goes into this in detail. Container and cloud security are often overlooked, as following popular IT trends can be overwhelming without the proper care.

Perhaps the simplest takeaway from my recent article was registry security. A lot of IT teams have irrational trust in their colleagues. You should never have so much trust that a core security feature is ignored. It’s almost unbelievable that Tesla didn’t have a password on their container administration console. Passwords already lack security, as we recently saw the Hawaii Emergency Management Agency leak a password that was written on a Post-It note. It’s better to have a vulnerable password, or a password written on a note, than having no password at all. Password technology may be changing with biometric authentication, but for now, please stick with a decent password.