If your company has a website, you could be leaving yourself open to crypto jackers, who will use your website to illegally mine digital currency, even if your company has absolutely nothing to do with them. The has affected major companies as well, with Tesla’s AWS cloud storage becoming affected with cryptocurrency mining software.
The reason that these attacks are becoming more frequent is fairly simply. The cryptocurrency market is booming at the moment, and mining can be a very profitably business; but, it requires an enormous amount of computing power. So, it saves them an awful lot of money by infiltrating and accessing someone else CPU or GPU power as opposed to paying it for themselves.
The risk is not just contained to computers either. Phones and the devices of visitors to the website can be at risk as well, which can cause both financial damage to the company, as well as reputational damage.
So which websites are at risk? There are certain things that hackers look for, for example cloud storage, and high traffic websites, as they can infiltrate visitors accounts as well. It is harder to detect on mobile devices. Although the device might run a bit slower, the battery life would significantly reduce, and they might experience a lesser response, they might not put this down to crypto-jacking.
What to look out for. It is so important to know what signs to look out for in order for you to keep your website and your users devices safe. If your computer is running slower and is accompanied by other symptoms listed below, look into this as a possibility. Your computer’s fan might be running very hot, and your browser might slow when the mining is happening, along with a shorter battery life. It is likely that hackers will insert malicious code during slower hours – typically at the weekend and after your business closes, as a way of avoiding detection, so by analysing your computing power might be good indication of whether they are being hacked.
Although the signs can be hard to spot, there are a number of different things that you can put in place to keep your websites protected, with it being advised that you conduct a simulated attack via a pen test or penetration test, which will help you to identify any areas that hackers could exploit. This could be done via manual pen testing, automated pen testing, or pen testing driven by artificial intelligence.
On top of this ensure that you make sure your security protection is active and up to date. Ensure that your IT teams are monitoring server activities closely, and in extreme cases, you might want to consider employing a patch management system. Offensive security is absolutely the best defence against this type of crypto-jacking, so keep your websites protected and don’t let your business be put at risk.