Don’t let the ongoing “crypto winter” lull you into a false sense of cybersecurity. Even as cryptocurrencies lose value — and some crypto companies file for bankruptcy — cryptojacking still poses an urgent threat to enterprises across industries, from financial services to healthcare to industry 4.0 and beyond.
Broadly speaking, cryptojacking is defined as the unauthorized and illegitimate use of an unwitting party’s compute and/or server power by a malicious actor to mine cryptocurrencies. While everyone with an internet connection is technically vulnerable to cryptojacking, most attacks target enterprises with significant compute resources, especially those with an outsized number of third-party relationships. (More on that last part in a bit.) And if a malicious actor can breach your cybersecurity defences for cryptojacking purposes, they can breach them for any number of nefarious reasons.
Under normal conditions, mining for cryptocurrency is hugely expensive because doing so requires immense electricity and sophisticated hardware. Cryptojacking cuts out the overhead for malicious actors, so whatever they’re able to mine turns into pure profit.
For legitimate cryptocurrency owners, the losses associated with “crypto winter” have been catastrophic. But for cryptojackers, “crypto winter” just means a little less free money than before. The margins remain enormously high, and the incentives haven’t changed. Nefarious actors still need access to capital that is largely untraceable — so even amidst the crash, cryptocurrencies remain an important asset to them. In other words, don’t expect cryptojacking attacks to abate any time soon.
images from Hacker News