New computer security threat: cryptojacking

Drive-thru:

  • Cryptojacking is a new form of hacking that can cost you.
  • Cybercriminals hack your system to mine for cryptocurrency.
  • It’s possible to prevent cryptojacking from affecting your company.

It’s enough of a hassle worrying about hackers getting into your computer system and stealing sensitive information. Now there’s a new threat on the block—cryptojacking. Like its name suggests, someone is getting jacked. Turns out it could be your business.

Cryptojacking is related to bitcoin mining for cryptocurrency. This type of mining is an online verification process that uses complex algorithms to verify bitcoin transactions and add them to the public ledger (blockchain). The result is the release of new bitcoins to successful miners.

Anyone with access to certain computer hardware and the internet can do some digital gold mining. This includes cybercriminals, who use cryptojacking methods to get into more powerful computer systems (like yours) and use them to mine for “digital gold” elsewhere on the internet, for free.

How cryptojacking works

“Cryptojacking refers to illegally using a computer system to mine cryptocurrency,” says Hermann Finnbjörnsson, CEO of Svandis, a fintech platform in the crypto space.

According to Finnbjörnsson, the act of cryptojacking is often subtle enough to go on without detection. “Once a hacker spots a vulnerability and breaches a computer system, such as through malvertising (a virus in the form of an advertisement on a web site) or through a corrupt email, the cryptojacking has begun.”

If the cybercriminals are lurking on a website you visit, “they’ll use your computer’s CPU [central processing unit] to mine cryptocurrency for however long you visit a particular website,” says Nate Flanders, co-founder and CEO of the cryptocurrency trading platform, Mandala.

“Cryptojacking is essentially stealing electricity,” says Ian Eyberg, a security expert and CEO of NanoVMs, which features a platform for preventing cryptojacking. “This can result in massive electricity bills for your company.”

If word gets out that your company was cryptojacked, your system will also be seen as a security risk for sensitive customer information, which could be bad for business.

Telltale signs of cryptojacking

In order to detect cryptojacking, it’s important to know that the attacks can be to your desktop computer network, server, or website. Here are some common signs:

  • Your computers are slow and not performing as they usually do. “Mining uses a lot of energy,” says Finnbjörnsson. “This will show in an underperforming computer system—especially when you use the internet.”
  • Your browser suddenly functions differently, and you see suspicious content. If your browser doesn’t look like it usually does, that’s a definite red flag.
  • A website you’re visiting uses more than 60 percent of your computer’s CPU. You may also hear your computer system fan going. (An IT specialist will be able to check all this out for you.)
  • You get sudden higher cloud bills. If cryptojacking attacks your server, your cloud bills will spike.

Preventing cryptojacking in your computer system

So how do you keep cryptojackers from hijacking your company’s computer system? Try these steps to protect your computer.

  • Run up-to-date antivirus programs and install protection software. Protection software generally checks for malicious software and blocks it.
  • Perform software updates. In addition to being essential to your system, updates may also help block cryptojacking.
  • Use browser add-ons designed to block mining scripts. These will reduce cryptojacking by embedding code against the theft in websites.
  • Adhere to strict cybersecurity best practices. “This includes using security protocols, password management and regular updates,” says Flanders. “Code reviews and monitoring the resource demand on a computer while a website is visited are additional measures that you can have an IT specialist perform in order to protect your computer system and company reputation.”
  • Instruct employees to immediately exit a website or platform if they suspect that cryptojacking is occurring. Have the entire team avoid using the website or platform again. “Once you exit the platform or website, the hacker can no longer use your computer to crypotojack,” says Finnbjörnsson.

What to do if your website is compromised

“If your company website is infected with cryptojacking script, an IT specialist can wipe the website information from the host and then reinstall it as well as tighten security,” says Flanders.

If you think the hosting company for your website has been compromised, call the company’s support team. You may also consider switching hosting companies.

Keep fueling up! Here's your next article recommendation...

Sign up. Stay fueled.