Cryptomining is the process used to create (i.e. “mine”) new digital currency such as Bitcoin, Ethereum, Binance, etc.
An analogy to illustrate:
Say you want some gold – one simple way to obtain gold is by purchasing it in the form of jewelry, coins, etc. This would be the equivalent of obtaining digital currency that’s been created, ie. Bitcoin.
OR, you may choose to mine gold yourself by doing some research, purchasing the equipment and taking the time to hunt for gold. This is similar to the process of cryptomining.
Mining digital currency is expensive because it requires high-end computing resources and significant power consumption. It’s estimated that worldwide Bitcoin mining consumes more power than entire countries (https://www.cnet.com/personal-finance/crypto/bitcoin-mining-how-much-electricity-it-takes-and-why-people-are-worried/).
Legitimate miners invest in the required high-end computing resources and pay for the power they consume. Criminals, on the other hand, have figured out how to hijack small amounts of computing power from large numbers of devices to achieve the same result.
Here’s how it works: A “cryptojacker” will gain access to someone else’s device and run hidden mining software. The unsuspecting victim continues to use the device normally but may notice symptoms such as heavy battery drain when the device is not in use and/or computers slowing down for no apparent reason. The entire cryptojacking process is automated to hijack thousands of devices.
The activity of cryptomining is very different to ransomware, mainly being a lower-risk activity for the attackers with less chances of attracting law enforcement attention. The damage they can cause remains to be much worse on the side of the victim – according to an article on BleepingComputer, security researchers estimate that the financial impact of cryptominers infecting cloud servers costs victims about $53 for every $1 worth of cryptocurrency mined on hijacked devices.
Another incident investigated by researchers was one where a large-scale hacking group called TeamTNT compromised 10,000 devices for the sole purpose of cryptomining. From just 10 “wallets” found by researchers, TeamTNT made the equivalent of $8,120. However, Sysdig estimated the impact to victims to be $429,000.
Because devices continue to function relatively normally, cryptojacking often evades detection and business impact is primarily in the form of reduced productivity and inconvenience. Conversely, other types of cyber-attacks have an immediate and detrimental impact that shuts down the business (e.g. ransomware).
Bottom line: Do not underestimate the importance of defending against cryptojacking – if you aren’t confident in your defenses, call Birmingham Consulting 289-895-8948.
