Blog

 

Illicit Cryptomining is the Next Cyber Concern

Published: 19 Mar 2018

It’s cryptomining, a nearly effortless tool that hackers are now able to use, thanks to a new and more anonymous form of cryptocurrency known as Monero and hidden cryptocurrency processing software that invisibly infiltrates Microsoft Windows on everything from servers to android and IoT devices. The system relies on a previously unknown NSA hack and the fact that any organization that uses blockchain technology necessarily connects through a transaction processor known as a miner. Chinese and Russian crime syndicates have weaponized all of these factors to invisibly attack I.T. systems.

                                                  

Unlike previous hacker tools, which deny service and demand payment in big, bold, apparent strokes, cryptomining installs individual bots that operate independently and that steal on such a small scale that they go unnoticed.  By itself, each infection amounts to little of concern, and that means that it is low on a priority list for fixes: this is a mistake. When combined with all of the other systems that a single cryptomining operation infiltrates, it adds up to big business and big money. It is also nearly impossible to detect, and could lead to big losses.

So far, experts have found numerous methods by which cryptomining enters a system. Infected Microsoft Word file attachments can execute a Visual Basic script upon being opened, then move on to target Windows Management Infrastructure. Other methods involve a worm called WannaMine, tools that scan open debugging ports, and vulnerabilities in Microsoft SQL Server and Oracle WebLogic.

Unlike ransomware and other malware attacks, cryptomining requires no action on the part of an end-user: there is no email link or pdf file that users click on and are notified of their infection. What makes it so dangerous is the way it is impacting systems. Instead of demanding ransom or stealing data, the damage is done by infecting millions of systems and stealing their computer power, and therefore the electricity that it relies upon. Though the theft may be so insignificant that it goes without notice, resulting only in higher electrical bills and slower computer performance, the hacker can choose to escalate their usage of the mining bots, using energy to an extent so great that it depletes entire systems and leaves companies without integral resources for extended periods of time.

Because cryptomining installs invisibly and is almost completely detection proof, it can easily spread throughout an organization unchecked until it is completely compromised, and the crime is quickly becoming so popular that there is a real risk that a single organization could be contaminated by multiple bad actors whose individual small-scale infiltrations could result in major slow-downs and enterprise-wide shut-downs.

In the face of ever-changing risks, it is important that you make sure that you have a clear view of what’s at risk and comprehensive insurance policy that provides you with the protection you need. La Playa’s Insurance Policies are tailored to your business, to meet its unique and specific needs. Contact us today to speak to an experienced representative about how to secure your organization.

 

Ready to work with us?

You can call us to talk more about your business on +44 (0)1223 200650 or +44 (0)20 3865 0149

Photo of Elaine Lamb

Elaine Lamb

DIRECTOR, LA PLAYA INTERNATIONAL

Direct Dial: 646 583 1574

Email: elaine.lamb@laplayainsurance.com

Twitter: @elamblaplaya