Cryptojacking has been a security problem for businesses for some time now. You probably know that unprotected internet-of-things (IoT) devices also pose a problem for organizations. The newest security challenge facing businesses combines the two: cryptojacking malware that leverages unprotected IoT devices.
Cryptojacking is an infiltration tactic used by hackers with an expertise in cryptomining. It involves covertly stealing computing power to mine for bitcoin or other cryptocurrencies. According to Fortinet, 23.3% of surveyed organizations are now seeing cryptojacking malware within their systems.
As cryptojacking strategies have been developed and refined, they have focused on targeting vulnerable networks. Unsurprisingly, most unprotected devices are not located inside businesses; they are in the home. These IoT devices can be extremely advanced, yet they lack proper security and are everywhere. Media devices are especially attractive targets due to their use of powerful GPUs combined with lax home security. Worst of all? This infiltration, and the associated headache, doesn’t end at the front door.
Remote work is more popular now than ever, and most employees use their company-owned devices in their homes. IoT devices, whether smart watches, Bluetooth headsets, or external speakers, also interact with each other and rely on home networks to function. These devices can become infected in a compromised home network; when you bring those devices to work, your business network can be infiltrated too.
This malware is so distressing to businesses because of how it infects networks. It communicates in a complex and decentralized manner, using custom-built peer-to-peer communication to implement a variety of malicious routines. Initially, the malware only targeted routers, IP cameras, and DVRs. Now, it targets cross-platform database systems and smart home devices. These exploits remain effective largely because of poor patching and maintenance procedures on security equipment and devices.
Fortinet suggests some countermeasures to mitigate the risks to your business:
- Identifying risk: Users, data, devices, locations and threat intelligence feeds, along with a host of other criteria, need to be used to identify threat categories and assess risk in real time.
- Managing policies and devices: Seeing all devices and their related activity, including IoT devices, allows IT teams to appropriately set policies to manage risk across the network.
- Exerting control: Organizations can better control risks from a policy standpoint by treating those parts of the network that interact with IoT devices differently.
- Managing access: One of the most critical risk management tools provided by segmentation is the ability to impose strict access controls based on user, role, device type or even applications. As devices initiate a new network connection, or as traffic or applications attempt to cross network segments, access control combined with inspection helps establish secure perimeters around critical resources by identifying and preventing the spread of malware such as cryptojacking.
Because cryptojacking is predicated upon concealment, it is hard to find this malware grinding away in your systems. Inspecting all encrypted traffic can be extremely difficult depending on the bandwidth of your organization. We often see businesses completely unaware of compromised mailboxes sending illegitimate communications, so it is nearly impossible for organizations to naturally discover crypto-malware.
To ferret out this kind of infiltration, you need an expert. At Peters & Associates, we have cyber security experts versed in everything from penetration testing, to black box examinations, to breach response. We are currently offering a free vulnerability scan to get you started; email info@peters for more information or fill out this contact form.