The popularity of cryptocurrencies like Ethereum and Bitcoin surged during the pandemic era. What began as a niche, almost novelty form of payment in the 2010s transformed into a legitimate financial asset. These currencies significantly contributed to the development of emerging technologies such as the metaverse and Web 3.0, a decentralized, blockchain-based version of the Internet open to everyone.
Although excitement around the metaverse and Web 3.0 has somewhat diminished, cryptocurrencies have maintained a strong presence in business and technology. Despite a collective drop in 2022, Bitcoin has since reached record highs, with other popular coins also experiencing significant value increases.
The rising value of Bitcoin and other cryptocurrencies may lead to an increase in crypto mining operations by individuals and groups aiming to capture a share of these gains. However, if this trend continues, it could spell trouble for organizations with vulnerable technical infrastructures, many of which do not realize they are at risk of exploitation from illegal crypto mining operations.
As such, business leaders should familiarize themselves with the tactics cyber criminals use to exploit tech infrastructure for crypto mining, and understand how they can prevent it.
Legal vs. Illegal Crypto Mining
Cryptocurrencies were invented to establish a decentralized form of payment, meaning that banks or institutions had no control over their use and distribution. However, to protect against inflation, new crypto coins must be “mined,” a process that involves solving complex mathematical problems. This process not only validates transactions and secures the blockchain but also controls the coin supply to prevent inflation, thereby adding security and integrity to the network. It’s worth noting that some cryptocurrencies follow newer guidelines that don’t require mining, but mining is, by and large, still a major part of the process for many currencies today.
That said, in the early days of Bitcoin, it was possible to mine crypto coins with a standard PC, but the increasing popularity of cryptocurrencies has decreased the number of generated units to prevent inflation. This means that crypto miners need much more computational power and resources, with many now renting hash services from a cloud mining provider to perform the same job.
While many crypto miners obtain their support through legitimate means, the high costs of legal mining operations have inspired some to seek support illegally with the help of botnets. This practice allows miners to make as many computers as possible part of one network, without the consent of the user.
Forms of illegal crypto mining
Bad actors can engage in illegal crypto mining through two primary methods: the injection of JavaScript commands and crypto-jacking via malware.
The first method exploits popular crypto mining programs, such as the now-defunct Coinhive. Since most crypto mining programs run on JavaScript, bad actors deploy scripts across websites and browsers. When users visit these crypto mining websites, the script forces the users’ devices to engage in crypto mining without their notice or consent, sometimes even utilizing the full processing power of the device.
The second method, crypto-jacking, is much more serious. Cybercriminals will often deploy malware specifically designed to exploit digital infrastructure, often through links to infected websites and pirated software. Users will unknowingly click links or download software, deploying malware that runs in the background. Due to the large amount of computing power needed to support the mining, criminals will throttle the software to avoid detection. Crypto mining malware can consume up to two-thirds of a victim’s computer power, making detection even more challenging for users.
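As an added illustration (not from the original article or from Hornetsecurity), the following Python example shows why a throttled miner slips past a simple peak-CPU alert and how a sustained-load check catches it. The telemetry, process names and thresholds are constructed for the example, and treating a flat, continuous load as suspicious is a heuristic assumption, not a rule.

```python
from collections import defaultdict
from statistics import pstdev

# Constructed telemetry: (minute, process name, CPU % of the whole machine).
# Process names and values are made up for illustration.
SAMPLES = (
    [(m, "browser.exe", c) for m, c in enumerate([5, 92, 10, 4, 88, 6, 3, 7, 95, 5])]
    + [(m, "backup.exe", c) for m, c in enumerate([0, 0, 70, 85, 60, 0, 0, 0, 0, 0])]
    + [(m, "svc_helper.exe", c) for m, c in enumerate([61, 63, 60, 62, 64, 61, 60, 63, 62, 61])]
)

def longest_run(values, floor):
    """Return the longest consecutive slice of values that are all >= floor."""
    best, current = [], []
    for v in values:
        current = current + [v] if v >= floor else []
        if len(current) > len(best):
            best = current
    return best

def find_sustained_load(samples, floor=50.0, min_run=6, max_spread=8.0):
    """Flag processes that hold CPU >= floor for at least min_run consecutive
    samples with little variation (population std dev <= max_spread).
    Assumption: a throttled miner shows a flat, continuous load, while normal
    desktop work is bursty. Thresholds are illustrative and need tuning."""
    per_proc = defaultdict(list)
    for _minute, name, cpu in sorted(samples):  # order each series by time
        per_proc[name].append(cpu)
    flagged = {}
    for name, series in per_proc.items():
        run = longest_run(series, floor)
        if len(run) >= min_run and pstdev(run) <= max_spread:
            flagged[name] = {"minutes": len(run),
                             "avg_cpu": round(sum(run) / len(run), 1)}
    return flagged

def peak_alert(samples, threshold=90.0):
    """Naive rule for comparison: alert on any single sample >= threshold."""
    return sorted({name for _, name, cpu in samples if cpu >= threshold})

if __name__ == "__main__":
    print("peak rule flags:     ", peak_alert(SAMPLES))
    print("sustained rule flags:", find_sustained_load(SAMPLES))
```

On this constructed data the peak rule fires only on the bursty browser process, while the sustained-load rule flags the process that sits at roughly 60% for the whole window and ignores the short backup job.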
The risks of illegal crypto mining for businesses
Business leaders might believe that illegal crypto mining programs pose no risks to their operations. Considering the number of resources most businesses dedicate to cybersecurity, it might seem like a low priority in comparison to other risks.
However, the successful deployment of malicious crypto mining software can lead to even more risks for businesses, putting their cybersecurity posture in jeopardy.
Malware and other forms of malicious software can drain computing resources, cutting the life expectancy of computer hardware. This can decrease the long-term performance and productivity of all infected computers and devices. Additionally, the large amount of energy required to support the high computing power of crypto mining can drain electricity across the organization.
But one of the most severe risks associated with malicious crypto mining software is that it can include other code that exploits existing vulnerabilities. Ransomware and viruses can spread across networks, impacting sensitive data and network infrastructure, which can lead to severe financial and legal consequences for organizations.
Safeguarding businesses against illegal crypto mining with employee training
While powerful cybersecurity tools are certainly important, there’s no single solution to combat illegal crypto mining. But there are different strategies that business leaders can implement to reduce the likelihood of a breach, and mitigating human error is among the most important. In fact, the World Economic Forum shows that 95% of all cyber security incidents are caused by human error.
The most effective security awareness environment is one in which employees don’t just know how to identify a possible threat – but one where they see cybersecurity as a necessity, rather than a nuisance. Cybersecurity has to feel like it’s everyone’s responsibility and a crucial part of every employee’s job.
For this reason, it’s important to build awareness on how cybercriminals engage in illegal crypto mining and the kind of tools they use. It is, of course, essential to supplement this with a powerful email security solution which leverages next generation features like advanced threat protection defensive tools powered by AI to spot evolving threats.
Moreover, research at Hornetsecurity revealed that phishing is still the most popular form of cyberattack, representing 43.3% of all identified threats. Spam or spoof emails may contain links leading to websites contaminated with crypto mining droppers, and they can be difficult to distinguish from normal emails.
Business leaders therefore need to treat employees as the first line of defense against these types of cyberattacks, in order to create a “human firewall” to shield against threats. To do this, business leaders should consider these tips to help reduce the risks of illegal crypto mining operations.
Educate employees on cyber threats: Conduct training for all employees on the risks of illegal crypto mining and ransomware. This will heighten their awareness of strange activity and prevent them from falling for common tricks.
Implement cybersecurity policies for employees: Have a detailed cybersecurity policy so employees fully understand how to work safely and securely. This includes password management, using multi-factor authentication for logins, and policies for using company devices on unsecured networks.
Enable spam and web filters to block suspicious activity: Employ a managed spam filter service and web filters to block all such content in advance.
Encourage communication and transparency: Ensure employees report suspicious activity to IT or cybersecurity teams and their coworkers. This will help stop threats early, and prevent them from evolving into larger problems.
Have an incident response plan: Even with regular training, employees can still make mistakes. An incident response plan helps employees follow the best course of action if illegal crypto miners manage to compromise IT infrastructure.
Staying ahead of emerging threats and enabling protective measures before cybercriminals can identify potential gaps has never been more important for businesses. Through education and training, businesses can fend off not only the risks of illegal crypto mining but also all other types of harmful attacks such as ransomware, while creating a safe security culture across the entire organization.
About the Author
Andy Syrewicze, Security Evangelist at Hornetsecurity, is a 20+ year IT Pro specializing in M365, cloud technologies, security, and infrastructure. By day, he’s a Security Evangelist for Hornetsecurity, leading technical content. By night, he shares his IT knowledge online or over a cold beer. He holds the Microsoft MVP award in Cloud and Datacenter Management. Website: https://www.hornetsecurity.com/en/