Cryptojacking on the Rise: Employees are Hijacking Company Servers
In recent years, cryptocurrencies have become a valuable and highly sought-after asset. Consequently, we have seen the emergence of desperate schemes to acquire possession of these digital assets, ranging from hacking, physical theft, phishing scams etc. With the frenzy not looking like abating anytime soon, cryptojacking is becoming a big problem.
1,000 cases in Six Months
In an address given by Nicole Eagan, the CEO of cybersecurity firm Darktrace, at The Wall Street Journal CEO Council event, she revealed that the company has recorded 1,000 cases of employee based cryptojacking in the United States. These cases all happened within the span of six months. These employees are stealing servers from their employers and using them to mine cryptocurrency.
Darktrace’s CEO gave an instance of a particular case where a junior staff at an Italian Bank [name withheld] stole servers that he ordered for on behalf of the bank. According to Eagan, the staff stole 12 such servers and stashed them under the floorboards in the data center of the bank where he had set up his own private mining facility. The staff avoided detection for a while but was caught when someone discovered unusual network connections originating from the bank and communicating with crypto mining servers.
Commenting on the issue, the former director of the British Government Communications Headquarters (GCHQ), Robert Hannigan, said that the trend should not catch anyone by surprise. Hannigan who appeared alongside Eagan on the panel said that people are only transferring their criminal activities from the outside world into the crypto community. According to him, criminal elements have always tried to harness unsecured computing power across the web. A trend which was made popular by botnets which use unsecured home and company networks to perform illegal activities on the web. Robert Hannigan was the director of the GCHQ, the British cybersecurity agency, from 2014 to 2017.
Corporate and Domestic Cryptojacking
Cryptojacking, in general, is on the rise. In 2017, RedLock, a security intelligence group discovered that a couple of companies had their Amazon Web Services (AWS) cloud services breached by hackers to illegally mine bitcoin. The hackers wanted to use the computing power of these companies to mine bitcoin. There are also numerous instances of web browser-based cryptojacking activities where hackers attach malware to websites and once visited, the user’s computer is hijacked for cryptocurrency mining.
BTCManager recently reported that cryptojacking incidents in Sweden increased by more than 10,000 percent in the last quarter of 2017. The British government even recently acknowledged cryptojacking as a serious threat. Many internet browser platforms both desktop and mobile have taken steps to solve the problem.