Protect Your Small Business from Cryptojacking

By |2019-01-09T10:33:06-05:00January 15th, 2019|

There’s a shift in cybercrime happening of the “silent but deadly” variety.

Ransomware has been a huge problem over the past few years, and in response, businesses implemented strategies to combat hackers. In return, cybercriminals are changing their tactic. Instead of holding information hostage for ransom (to be clear, this isn’t going away), they hack into your system to use your network power for personal gain through a process called cryptojacking.

What Is Cryptojacking?

To understand cryptojacking, you first have to understand the basics of cryptomining. You can read the details in Investopedia’s article, but we’ll sum it up quickly here:

Cryptomining is a time-consuming, resource-draining, painstaking process of combing bitcoin data for digital currency. Cryptomining itself is not an illegal activity; hacking into networks to use their processing power to mine more cryptocurrency at a much faster rate is (this is called cryptojacking).

Cybercriminals use cryptojacking to maximize their monetary gain by hacking into your network to use the processing power of your business computers to execute their plan, with or without directly threatening your data.

According to CSO Online, “With ransomware, a hacker might get three people to pay for every 100 computers infected. With cryptojacking, all 100 of those infected machines work for the hacker to mine cryptocurrency.” In January 2017 until August 2017, the industry saw a 600% uptick in cryptojacking.

So Why is Cryptojacking So Bad?

While it doesn’t hold your information hostage, cryptojacking takes its toll on your business in another, perhaps less obvious way: slowing performance.

Your resources are drained by the extra activities running in the background. Slower performance of your tech means:

  • Employee output decreases
  • Productivity slows
  • Vulnerability to other attacks
  • Eventual hardware repair/replacement
  • IT resources strained

How Cryptojackers Get In

There are two common ways cryptojackers infiltrate your networks:

Internet
These are either embedded in a website or in ads that when clicked, install the cryptomining script that runs in the background without your knowledge.

Email
Don’t click suspicious links. Learn how to spot them from our Verify Email Sender blog post.

The few telling signs of an infected device aren’t overly obvious or helpful, which makes detecting these hacks much more difficult:

  • Overheating
  • High processor usage
  • Slow response times

If you’re noticing these things, contact your IT department immediately for further assistance.

How to Avoid Cryptojacking (and Other Viruses)

  1. Patch systems in a timely manner
  2. Update your operating systems
  3. Back up your data
  4. Encrypt your files. This prevents hackers from easily obtaining your information. This article by Lifewire provides more insight
  5. Train your employees
  6. Install an ad blocker on your browser
  7. Install anti-malware programs
  8. Utilize account controls and permissions
  9. Implement email filters
  10. Have penetration testing and vulnerability analysis done

If you don’t currently have an IT provider, we highly recommend making room in the budget.
If you’re concerned about the cost, check out the numbers at the end of this article.
If you have one and they aren’t doing these things, it’s time to look for a new provider.

Here are a few key questions you should be asking an IT provider, whether they’re current or prospective.

Questions? Contact us! We’d love to help.

 

Subscribe to our blog