A cryptojacking attack has forced St. Francis Xavier University to temporarily shut down its computer network systems. The university reports that the cyberattackers attempted to use the school’s computers resources to collect digital currency.
What are cryptomining and cryptojacking?
Cryptomining is the use of computer resources to collect cryptocurrencies such as bitcoin. The act of doing this is entirely legal, and many people voluntarily use their computers to do so.
However, cryptojacking is the illegal act of installing malicious software on unsuspecting victims and using their computers’ resources to cryptomine without their consent. In cryptojacking attacks, the currency earned is then sent back to the attacker.
Risks and consequences of cryptojacking attacks include the following:
- Slow-down of normal computer functioning
- Overheating of computer graphics, processor, or memory due to overuse
There are many ways that a computer can become infected with cryptojacking malware. For instance, they can be transmitted through malicious email attachments. The DDE Exploit is an example of this, and this malware is passed through an infected Microsoft Word document.
Next, cryptojacking malware can also attach itself to your computer through malicious websites. For instance, Coinhive is a cryptomalware that can enter your computer through unprotected websites. Once it infects a pc, it then uses its resources to collect the cryptocurrency called Monero.
Finally, cryptomining malware can enter your computer though compromised cloud services. A recent incident involved numerous large organizations such as Aviva and Gemalto being infected with mining software due to cloud accounts lacking password protection.
How to protect yourself:
There are any steps that you can take to protect your organization’s network against cryptomining attacks. Firstly, you can ensure that your employees are educated in spotting malicious links and files in suspicious emails. By minimizing the human error in the equation, you will be able to reduce the risk of infection. Next, ensure that your email service has antivirus and antispam installed. These software use databases of known malicious websites and automatically block potentially harmful emails.
Ensure that your organization’s computers are running up-to-date antivirus software that blocks cryptomining programs. Finally, ensure that you constantly monitor network activity in your organization. This allows for anomalies to be spotted quicker.
Don’t fall victim to cryptomining attacks. Contact GigE at 888 366 4443 to ensure that your sensitive data is backed-up and protected.