Ad Clicks :Ad Views : Ad Clicks :Ad Views : Ad Clicks :Ad Views : Ad Clicks :Ad Views :
    The Tech Art

    The Tech Art – Download App for PC, Gaming News, Mobiles, Reviews, How to Guides, Technology News, Downloads, Tips & Tricks

    Home / News / Tech News – Use good practice to address cryptojacking risk

    Tech News – Use good practice to address cryptojacking risk

    Bringing you the latest news from across the tech world. Now go ahead and read what you were looking for, but remember keep checking our news section for more of the latest technology news to keep you up to date and in the know.

    Use good practice to address cryptojacking risk

    A new piece of cryptocurrency is made each time a complex mathematical problem is solved using computing energy.

    Currencies can be legitimately mined in this way – but this mining activity is also increasingly attracting fraudulent behaviour.

    This means cryptojacking is all about volume; the more processing power available to the person mining, the more likely it is they will stumble across the “solution”, and therefore solve the current block in the blockchain.

    In theory, this makes datacentres and server farms that have huge processing power the main targets for such attacks.

    However, there is an argument that, rather than one “big hit”, it may be easier to attack several smaller companies who may have less sophisticated defences, which yield less per hack, but offer more opportunities.

    Cryptojacking can take the form of phishing tactics that encourage users to click on a link that leads to a cryptomining script running on their computer while they work. Or, ads can be infected with scripts that automatically run once someone visits a website running that ad.

    Cryptojacking should therefore be regarded as another type of hack, along the lines of a denial of service or direct fraud; the actual risk to companies is largely the same.

    It should also be considered that, because cryptojacking does not require complex technical skills, as its attraction grows, many attacks may be fairly simple.

    Putting basic security measures in place may block the majority of hacks in the same way a traditional burglar alarm on a house may encourage would-be intruders to pick an alternative easier target. (It may also explain why items such as internet-connected toasters, TVs and fridges are at risk of hacking!)

    1. Prevent

    As such, the same defensive measures, which amount to general good cyber security measures, should be applied. These include the following preventative initiatives:

    Cyber awareness training: Like other cyber threats, education is key, and it is better to be preventative. General cyber awareness will help reduce the likelihood of machines being hijacked. Users should also be encouraged to report the telltale sign of computer performance issues, for example.

    Patching: Regular patching and upgrades of both the network-level and individual device security software will help to minimise the exposure to this threat axis.

    Threat detection: Enterprise threat detection solutions can help to identify when the networks are being attacked and, depending on the solutions, provide real-time alerting and investigative follow-up to address the issues.

    Browsing restrictions: Blacklists and whitelists for browsing can be useful, along with activities such as restricting JavaScripts and using anti-cryptomining browser extensions.

    2. Monitor

    As well as seeking to reduce the likelihood of the attack in the first place, it is also important to monitor for impacts of such an attack.

    Hardware performance monitoring: Working with system administrators – whether internal or third-party – to monitor the performance of IT assets is key. Having first established a baseline for how the hardware should be functioning, any suspicious loads, such as an increase in the percentage of central processing unit  power being used, power drain and an increase in temperature, can be flagged. These indicate that system resources may have been hijacked, and need to be quickly identified and addressed – ideally via automated tools and alerts.

    To reiterate, cryptojacking should be regarded as another risk to the organisation. Good business practice that dictates IT security is a critical consideration will go a long way to preventing it.

    Source link

    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Pinterest

    Leave a Comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    This div height required for enabling the sticky sidebar