Ad Clicks : Ad Views : Ad Clicks : Ad Views : Ad Clicks : Ad Views : Ad Clicks : Ad Views :
The Tech Art

The Tech Art – Download App for PC, Gaming News, Mobiles, Reviews, How to Guides, Technology News, Downloads, Tips & Tricks

Home / News / Tech News – Six tips for securing your organisation against cryptojacking

Tech News – Six tips for securing your organisation against cryptojacking


Bringing you the latest news from across the tech world. Now go ahead and read what you were looking for, but remember keep checking our news section for more of the latest technology news to keep you up to date and in the know.

Six tips for securing your organisation against cryptojacking

Cryptojacking involves secretly stealing the processing power from a computing device to mine cryptocurrencies. Whilst originally confined to victims unwittingly installing a cryptocurrency mining program on their machines, attacks have now expanded to in-browser cryptojacking that simply involves inserting a few lines of code into a browser plug-in.

This now makes it quicker and simpler to carry out and much harder to detect unless security teams are aware of the indicators and mechanisms of compromise.

With such a small payload, it is easy to infect multiple websites at the same time, making it an attractive weapon for cyber criminals. The UK alone has seen a 1,200% increase in cryptojacking attacks from just last October to this January.

Despite the upward trajectory of attacks, it is possible to defend against. Below I’ve listed six steps for securing your organisation against cryptojacking:

1. Disable Java in browsers

Cryptojacking can be accomplished with a few lines of Java code hidden on a website. Every time an individual visits a corrupted website, the browser can be infected and a java script automatically run to start cryptocurrency mining.

Enforcing a policy of not allowing Java to run, while creating a whitelist of approved websites that employees can access will significantly reduce the chances of your organisation becoming victim to cryptojacking.

2. Look out for the tell-tale signs

Cryptojacking runs a program that steals processing power. This could be running on the company server, or employee laptops and smartphones. If you notice a device running slower than usual or consistently overheating then you should investigate what’s running in the background. If you find something unusual such as a rogue .exe file then it could be a mining component which you can then simply uninstall.

A server that’s been compromised might experience delays in accessing network locations or suffer frequent crashing. However, many cryptojacking attacks are covert enough to target unused CPU, so the effects can go unnoticed, so you should investigating the server to see if it’s communicating with any unknown IP addresses.

3. Look for anomalous programs

Using an anomaly detector, you can find unexpected items or events which do not conform to your network’s usual activity, such as the installation and running of an unknown program. There are plenty of anomaly detectors out there, many of which are now automated or utilise machine learning for greater accuracy. If you think your system is being used for cryptocurrency mining, running an anomaly detector is a good way to investigate.   

4. Ensure your antivirus software is up to date

To reduce the likelihood of your organisation being exposed to cryptojacking (and other cyber threats) you should ensure all machines are installed with the latest updates from your antivirus provider. As there is no silver bullet when it comes to security technology, having a suite of security solutions will vastly enhance your security posture.

5. Stay on top of computer hygiene

Patching is probably the best antidote to cryptojacking attacks. In January 2018, cyber criminals exploited unpatched Oracle WebLogic Servers to mine the cryptocurrency Monero, despite a patch being available from October 2017.

Patching often takes a back seat, despite the fact it is one of the top cause of cyber-attacks. With this in mind, creating a risk model with a regular patching cycle for applications, browsers and operating systems will significantly reduce the threat and incidence of infection by cryptojacking software.

6. Employee engagement

As with every cyber threat, ongoing training and cyber awareness programmes that educate employees on the latest attacks, such as cryptojacking, and the signs they should look out for are crucial. These will help engender a culture of constant vigilance and reporting suspected cryptojacking incidents in the same way that they would report a spam email. 


Source link
Author


  • Facebook
  • Twitter
  • Google+
  • Linkedin
  • Pinterest

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This div height required for enabling the sticky sidebar
%d bloggers like this: