Member-only story
When sharing is not caring — protecting your IT & cloud environments against cryptojacking
Part 1 in a series about protection your cloud environment against cryptojacking
It is not uncommon for people who own mansions in college towns to find that an illegal mansion party took place while they were away. Sometimes the party goers illegally enter the mansion. Other times it’s via an Airbnb rental. Either way, when the owners return, they see countless beer cans and bottles of alcohol strewn on the lawn. Entering their palatial home, it is as if a hurricane came through. And when they get to the bathrooms, let’s just say it’s not pretty.
Those who are casualties of mansion parties know rather quickly they’ve been victims. In the technology space, firms have large mansions in the form of enterprise networks and cloud projects. Often, these environments are taken over, trashed, tarred, and feathered, while the owners are oblivious to what is happening.
Unlike a single Saturday night mansion party, an attacker can take over environments for weeks and months, and while they are not trashing them, they are using them for unauthorized gain. The specific type of malfeasance I am discussing here is cryptojacking.
Cryptomining vs. cryptojacking
Cryptomining or cryptocurrency mining is a process in which transactions for various forms of cryptocurrency are verified and added to the blockchain digital ledger. Also known as cryptocoin mining, altcoin mining, or Bitcoin mining (for the most popular form of cryptocurrency, Bitcoin), cryptocurrency mining has increased both as a topic and activity as cryptocurrency usage itself has grown exponentially in the last few years.
The term cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.
While cryptomining is legitimate, cryptojacking is malicious because it involves the illegal use or hacking into IT networks or cloud computing systems. Cryptomining software uses the resources to…
