Published 27 March 2018

Crypto-Currency Mining Attacks

NCC Group’s Network Threat Monitoring and Incident Response teams are reporting a significant and sustained increase in attacks where the attacker uses the victim’s computational resources to ‘mine’ crypto-currencies, with one specific currency, ‘Monero’, being the current favourite [1]. Mining a crypto-currency means providing the computational resources required to keep the currency working, by processing transactions, in exchange for revenue.

Crypto-currency mining attacks are, by their nature, generally less disruptive than ransomware attacks or the cyber-enabled theft of data or funds; however, they do have the potential to impose significant additional costs on the victim and impair the function of critical systems.

With regard to defence, a multi-layered approach is required to avoid donating CPU cycles (and the associated electricity costs) to unscrupulous crypto-miners. Good security hygiene, such as staying up to date with patching and educating users on phishing, is essential. In addition, visibility of traffic coming from a user’s PC to a suspicious domain is vital. Managed network monitoring services can help organisations detect these types of attacks early.

Threat Summary: Hackers abusing CPU resources for crypto-currency mining
Business Impact Potential: Increased costs
Recovery Complexity for Organisations: Low
Common Delivery Vectors: Unpatched Software

[1] How to avoid the crypto-minefield


