Cryptojacking: Turning systems into zombies for crypto mining operations

In an exclusive interview with BW Businessworld, Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited, discusses the threat of cryptojacking.

· Is cryptojacking a reason behind the failure of cryptocurrency in India?

To correlate the two would be presumptuous. The main reason why the Indian cryptocurrency industry is currently facing turmoil is because the government feels it is an unregulated avenue of investment. Threats such as cryptojacking, however, will only serve to strengthen the regulators’ belief that cryptocurrencies are dangerous and unsafe for the public.

· How can you find if a system is suffering from cryptojacking?

One of the most prominent markers of cryptojacking is a sudden slowdown in the operating speed of the affected systems. This is because hackers turn affected systems into zombies and use their processing power to drive crypto mining operations. Other physical symptoms that can be used to gauge whether a system has been infected are an abrupt increase in the CPU fan speed in laptops and desktops, as well as battery overheating in both mobile and larger devices.

· Why has cryptojacking become one of the biggest threats that individuals, companies and governments will face in 2018?

Due to the rise in the valuation of cryptocurrencies, cryptojacking has become a hot attack vector for cybercriminals. Cryptojacking allows attackers to discreetly mine cryptocurrencies on infected endpoints without the knowledge of the users. Attackers may or may not be able to make financial gains out of sophisticated attacks like ransomware, but cryptojacking continues to pay out, enabling them to illegally mine cryptocurrencies.

So far, all uncovered cryptojacking attacks have been used only for powering crypto mining operations. No data seems to have been compromised as of now, even in the more recent high-profile cases where large conglomerates were targeted. Organisations currently find their corporate networks at the risk of partial or complete operational shutdown. Cryptojacking can also significantly increase cloud CPU usage for businesses, which adds to their operational costs. The main loss, at the moment, is largely restricted to operational disruption and financial costs.

That, however, is no guarantee that cryptojacking won’t be used for more nefarious activities such as corporate espionage and data pilfering in the future, or used as an attack vector to complement other cyber-attacks such as ransomware. If and when that happens, it is entirely possible that users across the value chain – be it individuals, businesses, or governments – will find themselves facing a cybersecurity threat of unparalleled proportions.

At Quick Heal Security Labs, we detected over 14 million cryptocurrency miner hits in 2017 alone. Given the pace at which the threat landscape is evolving, we expect cryptojacking to witness an exponential increase in 2018. More and more cybercriminals will use cryptomining as a highly lucrative revenue stream.

· What is the role of newer technologies like AI and IoT in addressing such cyberattacks?

Given the massive computational power available at its disposal, AI can proactively detect, monitor, and manage security threats, as well as flag any suspicious or unauthorised activity. Using AI has finally given cybersecurity experts the tools needed to tackle the growing global menace of cyber-attacks.

IoT is generally perceived as a major cybersecurity risk at present. This perception is partly true; cybersecurity experts have detected multiple vulnerabilities in IoT devices, with new vulnerabilities being discovered every day. With the number of connected devices expected to cross 50 billion by 2020, one compromised node could risk the security profile of a much larger global network. What, however, is often overlooked is the fact that IoT also presents a massive window of opportunity to counter the extant cybersecurity challenges. By implementing more robust hardware-based security and using securer communication protocols, IoT device manufacturers can actually help in significantly limiting the attack vectors that can be exploited by cybercriminals. There is a need for greater end-user awareness as well; the most vulnerable IoT devices are the ones which aren’t updated frequently with the latest patches and fixes. Making consumers understand the criticality of regular device updates will go a long way in bolstering the global cyber defence effort.

· What are the measures to control cryptojacking?

Hackers are deploying cryptojacking by getting the victim to click on a malicious link in an email or by infecting websites or online advertisements with JavaScript code. Keeping the OS and security software updated with the latest versions can help in preventing cybercriminals from infecting systems. Businesses should adopt a multi-layered security approach by adopting security solutions like Unified Threat Management (UTM) and Endpoint Security (EPS). A UTM solution helps businesses secure their network with advanced features like gateway antivirus, firewall protection and URL filtering. On the other hand, an EPS solution with strong behaviour-based detection detects prospective attacks and protects systems well in advance.
