With the advancement in technology to ease up the business, there has been an increase in the number of cyber attacks as well. Cryptojacking is one of the forms of cyber attack in which a hacker uses the computing power of a target to mine cryptocurrency. In this process, the attackers try to take advantage of the security loopholes in a business’ I.T. infrastructure. One such example according to RedLock in the attack on the cloud account of Tesla company, to mine for Monero, a cryptocurrency similar to Bitcoin.

Cryptocurrency mining is a process by which transactions are verified. It’s also a process by which a new crypto coin is released. Miners, those who allow their computers to be used for cryptocurrency mining, are compensated for the computer and electricity usage.

Attackers use following flaws or methods to mine the cryptocurrency by stealing the computing resources of businesses:

1. No Password Protection

This is the most basic flaw in I.T. Security, having no password protection in place is sort of an open invitation for attackers. As per the report from RedLock, both Tesla and Aviva were hacked as they were both using Kubernetes administration consoles that were accessible over the internet without any password protection. Kubernetes is an open-sourced tool used to control the computing resources needed to run the apps of an organization.

2. EternalBlue Exploit

May 2017, hundreds and thousands of computers were under the attack of WannaCry ransomware. A few people know that even before this WannaCry attack, there was another malware “Adylkuzz” that used the same EternalBlue vulnerability. This malware was used to mine cryptocurrency Monero, which according to Proofpoint appeared as early as April 24, 2017. Symptoms of the Adylkuzz cyber attack include loss of access to shared Windows resources and degradation of server and PC performance.

3. Browser-Based Cryptojacking

In browser-based cryptojacking, a cryptocurrency mining code is embedded into a website, and site visitors run the mining code via their browser. Browser-based cryptojacking has been around since 2011. Slow computer performance and general unresponsiveness when browsing the web are signs that your organization’s computers are silently mining Monero and enriching the hackers.

There a few ways to keep your business safe from cryptojacking:

1. Monitor Network Traffic

To protect your cloud account from cryptojacking, monitor the network traffic. “By monitoring network traffic and correlating it with configuration data, Tesla could have detected suspicious network traffic being generated by the compromised Kubernetes pod,” RedLock said.

2. Keep Your Organization’s Server Operating System (OS) Up-to-Date

Installing Microsoft’s March 14, 2017 security update, also known as the MS17-010 update, is an effective means to block Adylkuzz cryptocurrency mining malware from infecting your organization’s physical server. The MS17-010 update fixes the EternalBlue, the security vulnerability exploited by Adylkuzz.

3. Get a Quality Cryptocurrency Mining Security Solution

To prevent cryptojacking, get a quality cryptocurrency mining security solution. This security solution should be able to detect and block all types of cryptocurrency mining activities, whether they are browser-based or file-based.

At GigE, we offer cybersecurity services that’ll protect your organization’s cloud account and physical servers from cyber attacks like cryptojacking. Call +1 (888) 366-4443 to schedule and appointment or more detailed information on our services.

What is a Ransomware?

A ransomware is a malicious software, that encrypts computer files preventing users to access their files or that threatens to publish the victim’s data and asks for ransom payment to not publish the data or decrypt or unlock the files it has locked.

According to Malwarebytes, ransomware was the tool of choice by cyber attackers in 2017. Ransomware attacks against businesses increased by 90% in 2017, Malwarebytes reported. It added that the rate of monthly ransomware attacks increased 10 times in 2017 from the rate of 2016, with September 2017 having the largest volume of ransomware attacks ever documented against businesses.

Preventive Measures

Here are some security best practices to protect your company’s server from ransomware attacks, specifically those with worm-like capabilities:

1. Keep Server Operating System (OS) Updated

Any software is not released as perfect software. Cyber Attackers are always in search of a security loophole in the softwares. On many occasions software makers are able to find the security loophole and launches a new improved version that has taken care of the vulnerabilities. Hence an updated server OS is essential to keep your data secured against the known and fixed security loopholes. Failing to keep your Server OS updated only exposes your organization’s server to cyberattacks. WannaCry from May 2017 was one of the Ransomwares that used unsupported server OS.

2. Segmentation of Business Network

It is not always feasible to update the security patches as soon as they the software makers release it. By segmenting the business network, businesses can limit the effects of a cyberattack.

Network segmentation involves dividing your company’s computer network into subnetworks. Even if one subnetwork is affected by a ransomware or a cyber attack, other subnetworks are not infected.

3. Regular Data Backups

Backing up critical data is a must in every organization. Ransomware attackers won’t have leverage against your company if regular data backup is consistently done. Cloud backup is also essential when dealing with natural disasters like earthquakes, fire or flood and also when a theft or accidental deletions is involved.

At GigeE, we help many businesses across Canada to be well prepared by offering services like cloud or on-site backup solutions, Server OS updates and best anti malware and ransomware softwares. Call 888-366-4443 for more detailed information on our services.