Last week, Computer Weekly published an article detailing a study which suggests that higher education establishments are at a greater risk of exposure to malicious cryptocurrency mining attacks.
According to the report, 60% of all recorded illicit mining takes place at higher education institutions, this includes Universities and Colleges.
The report outlines that many of these malicious attacks are not being pushed through the network by external cyber-criminals and that they are in fact coming from internal sources, generally students who reside on University campuses.
According to Warwick Ashford, the security editor for Computer Weekly, the report is based on a study of 246 customers who use a programme called the Vectra Cognito Platform. Vectra, a threat management firm conducted the study by using their platform to locate invisible attackers on networks.
The full report (which can be found here https://blog.vectra.ai/blog/the-alarming-surge-in-cryptocurrency-mining-on-college-campuses) discusses the applications of malicious crypto-mining and why it is a risk, not just to the people within the universities but to the entire cryptocurrency industry on the whole.
The report by Vectra states:
“Cryptocurrency mining is an opportunistic attack behaviour that uses botnets to create a large pool of computing power. It is considered more of a nuisance than a targeted cyberattack that puts personally identifiable information (PII), protected health information (PHI) and financial data at risk. But in some instances, these botnet activities present a high risk to organizations:
- They create noise that can may hide serious security issues;
- They impact the reputation of an organization’s IP address, causing it to be black listed;
- Cybercriminals will buy access to compromised computers from crypto-jackers to launch targeted attacks against universities.
If computer users intentionally install cryptocurrency mining software, the risk may be minimal, although they could also install other money-making software that presents a greater risk”.
Moreover, news of these sorts of incidents don’t instil a great level of confidence about the cryptocurrency industry to the rest of the world. Therefore, I would argue that universities need to start taking more action to locate students who are misusing their networks and impose disciplinary action on them.
With that in mind, Universities need to be held accountable in the same way cryptocurrency exchanges are in terms of how their security protocols protect blockchain technology.
I guess this is quite a new risk for universities and is something that probably isn’t written into their strategies, either way now is a really important time within the cryptocurrency world and therefore quick and effective action needs to be taken to ensure that the damage large scale illicit mining actives can cause is kept to an absolute minimum to ensure the integrity of the cryptocurrency industry is not damaged beyond repair.
Featured Image Source: Wikipedia Commons