According to recent studies by endpoint security vendor Symantec, cryptocurrency mining attacks (often called cryptojacking) saw an increase of 34,000% in 2017. That isn’t a typo. In Q4 2017 alone, Symantec’s endpoint security platform detected a 8,500% increase in such attacks.
Cryptojacking malware exploits a victim server’s own processing power to “mine”—verify digital transactions in return for payment —digital currencies. This malicious venture has proven so lucrative and convenient some experts believe that it’s the reason ransomware has seen something of a decline in frequency and in price in recent months.
The threat of cryptojacking is far more insidious than ransomware. It’s designed to sneak into a server or network and work quietly, but its effects are devastating: drained battery life, decreased machine performance, and in the most extreme cases an outright network shutdown. Cryptojacking can render some enterprises unable to function for days or weeks, and enterprises in particular are vulnerable to these attacks. They have more processing power and electricity to steal than the average user, allowing hackers to shift the costs of their activities more effectively.
How can you keep cryptojacking malware off your enterprise’s network?
Act Quickly If You See Signs of Cryptojacking
There are some common symptoms. A computer bogged down by a cryptojacking code (and malware in general) will run abnormally slow, despite the system appearing to run at a higher than normal rate. Keep an eye out if your endpoint starts running at a high rate at an unusual time, such as when visiting particular websites or if no programs are running. This is a clear sign something is wrong.
If you notice suspicious behavior, alert your IT security team so they can begin investigating immediately. You want to prevent a network shutdown and mitigate the expenses of the cryptojacking code.
Keep Your Endpoint Security Solution Up-To-Date
Legacy anti-virus programs will generally not be capable of handling the increasing sophistication of cryptojacking tactics. Most modern attacks use “fileless malware” that runs only on memory and thus evades traditional signature-based detection methods. Keep your endpoint security solution updated, regularly patched, and evaluate whether it may be time for an upgrade.
Practice and Enforce Good Digital Hygiene Practices
Installing a solid anti-virus and endpoint security solution is only the first step; it’s meaningless if you don’t take some cybersecurity initiative on yourself. Digital hygiene best practices include:
- Installing an ad blocker on your network
- Installing specialized anti-cryptojacking browser extensions
- Reviewing third-party software before installing it
- Removing unnecessary services
- Practicing spearphishing prevention strategies
Additionally, keep an eye on your website security, as cryptojacking malware can take advantage of website visitors’ processing power via infected websites. Make sure you train your employees in cybersecurity best practices and evaluate them regularly to ensure they have retained it and are acting on their knowledge.
Keep an Eye on Your Internet of Things (IoT)
The IoT is one of most targeted attack vectors for the modern enterprise. Most of those devices aren’t secured by even a paltry cybersecurity platform, and their design makes them difficult to update or patch if they do have one. Cryptojacking hackers can take advantage of this deficiency—it can provide an enticing trade-off, sacrificing raw processing power for increased stealth. Look for devices that inexplicably slow down, and make sure all IoT devices are regularly patched and evaluated.
Latest posts by Ben Canner (see all)
- Endpoint Security and Phishing: What to Know - August 13, 2020
- Findings: The Forrester Wave: Enterprise Firewalls, Q3 2020 - August 11, 2020
- Thinking about Long-Term Endpoint Security (During and Beyond COVID) - August 6, 2020