[BreachExchange] How to Prevent Cloud Cryptojacking Attacks On Your Company

Inga Goddijn inga at riskbasedsecurity.com
Fri Jun 15 20:41:31 EDT 2018


https://ergonotes.com/how-to-prevent-cloud-cryptojacking-attacks-on-your-company/

The cryptojacking attacks have turned into an active and common threat
during the recent years. The shocking news about Tesla
<https://www.ccn.com/tesla-becomes-the-latest-big-name-crypto-jacking-victim/>
becoming
a victim of cryptojacking hackers made other entrepreneurs worry about the
security of their websites and cloud storages. Even if your company still
looks for the answer to the question is cloud mining worth it
<https://personalmoneyservice.com/cloud-mining/> and does not handle any
cryptocurrencies, the attack may happen. According to the Redlock.io
research, about 25% of enterprises are currently affected by cryptojacking
activity.

While the intruders may cause the real damage to the company, their
activity is hard to detect. As cryptojacking attacks are on the rise, it is
better to prevent the invasion than to suffer from its consequences. Here
is the important information that can help you to protect your company from
cryptojacking attack.
What Is Cryptojacking?

Cryptojacking is a new term and it is not surprising that not everyone is
aware of it. However, it is hard to fight with something that you do not
fully understand. Thus, the first step to protecting your company’s
computer system from cryptojacking is to find out how this attack works.

Cryptojacking is an illegal use of someone’s computer power in order to
mine cryptocurrency. Cryptomining requires tremendous computing power that
needs to be paid for. Hackers try to make the process cheaper by accessing
someone’s site or cloud and using the power for free. The intruders can get
into the system by making the victim click on a malicious link in an email
or by infecting a website with JavaScript code loaded in a browser.
How to Protect the System from Cryptojacking?

Follow these simple steps to protect your company’s computing resources
from cryptojacking attack:
Block the Ads

The criptojacking scripts often get into computer through web ads. Thus,
installing an ad-blocking extension can become an effective way to stop the
hackers. Some extensions like No Coin or Miner Block are particularly
designed to detect crypto mining scripts and block them.
Choose Proper Endpoint Protection

The attack could be uncovered at the endpoint if you installed the
antivirus software that has crypto miner detection. The vendors offer
various products that have this feature. Cryptominers keep finding new
techniques to avoid detection at the endpoint. However, there is a good
chance that the cryptojacking attack will be identified at the endpoint if
a proper protection is used.
Be Careful with Browser Extensions

The browser extensions are often used by hackers to bring crypto mining
scripts to the system. It could be both malicious tools and poisoned
legitimate programs. Be careful with installing extensions to your browser.
Monitor the Network Traffic

Analyzing the network traffic and correlating it with configuration data
may allow the company to detect suspicious activity immediately. Monitoring
the network traffic could surely help you to protect your cloud account
from cryptojacking.
Update the Organization’s Server Operating system

In March 2017 one offered a security update known as MS17-010
<https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010>.
It effectively blocks a well-known crypto mining malware named Adylkuzz.
This update is able to protect your organization’s server from the
attackers.
Filter Suspicious Websites

Adding web filtering tools could help to protect your company from the
websites that run crypto scripts. The suspicious websites will be blocked
and will not be able to attack your computer. Do not forget to update
filters as more sites could get infected.
Be Aware of the Inside Threat

Although the corporate policies of some companies do not forbid employees
to run cryptomining operations using corporate resources, the employers
hardly expect them to do it. There is always the risk that the company may
be attacked by an insider. This situation is especially dangerous as the
employees know what type of cryptojacking defense the company uses. Make
sure the employees you hire are trusted and monitor users’ activity on
corporate devices.

Although cryptojacking attacks quickly became a new threat to company’s
computing system, the employers often underestimate the importance of
preventive methods. Follow the recommendations above to protect your
devices from any digital parasites.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180615/260218dc/attachment.html>


More information about the BreachExchange mailing list