Skip to main content

No Ransomware? Your Data Could Still Be At Risk

Over the course of 2017, businesses were on high alert for ransomware, a form of malware that steals files and demands funds in exchange for their return. But just as IT teams and staff were getting a handle on ransomware, the threat began to dissipate. In 2018, the major threat to business security took a turn. Enter: crypto mining.

 

What Is Crypto Mining?

 

Though crypto mining is another manifestation of malware, from a security standpoint it helps to understand its purpose and why this particular mode of infection is on the rise. In essence, companies that issue cryptocurrencies like Bitcoin, Ethereum, and Verge need to validate their deeply encrypted transactions. To do this, they “mine” or harness CPU power from vulnerable systems and consequently slow down your devices.

 

Mining Prevention 101

 

Miners can latch onto your company’s computer systems in several ways. One of the most common ways they get in, though, is via BYOD-based leaks. Since most home-users lack robust security systems, allowing employees to use personal devices at work can leave your whole system vulnerable. One false move and your whole company will be deep in the digital mines.

 

To prevent crypto mining, your company should block access to crypto mining pools. Here’s a list of mining pool domains and IP addresses your firewall can use as a blacklist. You should also be using a security system that scans for this kind of malware so that any stray mining activities can be promptly shut down.

 

Spotting The Sources

 

Besides installing appropriate security protocols, your company’s best defense against crypto mining is knowing where these attacks stem from.

 

One of the earliest major crypto mining attacks, launched in May 2017, is powered by the same software as the WannaCry attacks, known as EternalBlue. This particular attack releases a botnet into vulnerable machines to turn them into mining operations. At its peak, there were over half a million infected computers mining the Monero cryptocurrency. Businesses are a favored point of attack because the botnet targets servers rather than individual computers. After all, you turn your computers off, which turns off mining. You don’t turn off your server.

 

Advertisements are another key source of crypto mining attacks, and a particularly insidious one. In late January 2018, for example, crypto mining infected some double-click advertisements via Google’s ad network. These ads are supposed to be revenue generators for businesses, but instead they were hijacked as entry routes into end-user’s computer systems.

 

Ads are such excellent vectors for crypt mining that Salon.com is actually testing them out as a monetization strategy to undercut ad-blocking software. Though at least Salon is being transparent about their intention to turn computers into crypto mining operations – and staff definitely shouldn’t use the site at work – it should make security officers wonder how many other outlets are secretly monetizing your company’s system.

 

What’s The Risk?

 

Though crypto mining ostensibly just unauthorized use of computer power, its security risks are serious. First, because the goal of crypto mining is to operate covertly in the background of traditional operations, you run a very immediate risk of transmitting the associated malware to customers and business partners.

 

In addition to stealing your productivity power by using your server, the very presence of crypto mining means someone is playing around in your files. They may not be explicitly interested in your data, but that doesn’t mean they’ll leave it all untouched. Prior forms of ransomware scrambled files and inserted more malicious attacks. Evolving crypto mining forms could combine the two to take over greater amounts of CPU power by denying your business access to its own server.

 

Crypto mining as security breach is so insidious precisely because it seems harmless, but what security professionals and C-suite officers need to recognize is that system protection is at the heart of the matter. If there’s a breach for crypto mining software to get in, then there’s also an opening for other forms of malware.

The post No Ransomware? Your Data Could Still Be At Risk appeared first on Blogtrepreneur – For Busy Entrepreneurs.

from: Blogtrepreneur – For Busy Entrepreneurs
via Blogtrepreneur

Source: No Ransomware? Your Data Could Still Be At Risk Via Business Advice.

Comments

Post a Comment

Popular posts from this blog

How to Add Web Push Notification to Your WordPress Site

Do you want to add push notifications to your WordPress site? Push notifications allow you to send notifications to users even when they are not visiting your website. In this article, we will show you how to easily add web push notifications to your WordPress site. We will also talk about the best WordPress push notification plugins and how to send desktop & mobile push notifications from your WordPress site. What is Push Notification? Push notifications are clickable messages displayed on top of user’s desktop or notification area on their mobile device. They can be shown even when the user’s browser is not open. Aside from desktop, web push notifications also work on mobile devices. This allows you to reach your users across devices with latest updates and offers. Web push notifications have proven to be a very effective way to convert website visitors into customers and loyal followers. Why Add Web Push Notifications to Your WordPress Site? We have already discussed tha...
Post a Comment
Read more

5 Things You Should Know about Purchasing a Company Vehicle

  Many businesses require a vehicle to do business. It transports both goods and people from point A to point B and allows you to keep business dealings in-house. However, choosing a good company vehicle can be somewhat complex. You shouldn’t take the decision lightly. Here are a few things you should know before you buy a vehicle for your business: Accidents can happen, placing liability on you. You might think that an accident won’t happen if you hire drivers with a good track record and write a rule-book with strict policies and procedures. These are good tactics for mitigating some of the risks associated with commercial car accidents, but they won’t protect you completely. More than two million car accidents happen each year. Many of them are commercial truck accidents, costing millions in damages. Since commercial drivers are on the road more than personal drivers, they’re significantly more likely to cause an accident. Understanding the liability that’s placed on yo...
Post a Comment
Read more

5 Essentials for Starting a Business in 2019

Is 2019 the year that you finally start your own small business or startup? There are a lot of good reasons to consider starting your company this year. You can do it. You don’t necessarily need a degree in business or finance to be successful. But keep reading—there are a few essentials for getting up and running that you won’t want to miss. 1. A great business idea If you’re kicking around a few ideas for your new company, or you think you have a concept but aren’t sure it will work, use these resources to help you think it through before you invest a ton of money and time. Validate your best ideas Our guide to coming up with a great business idea is packed with ideas for all kinds of industries. This article on generating hundreds of business ideas is a great place to start. When you’ve settled on one (or a few) favorites, download our free Business Idea Validation Checklist , which is an excellent tool for making sure your idea has legs before you invest any more time or...
Post a Comment
Read more