Cyber Security Today: Rise of cryptomining, university student pleads guilty and Russia blamed

Warning of rise of crypto-mining, American university student admits changing his grades guilty and Russia blamed for infrastructure attacks.

We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Wednesday April 18th. I’m Howard Solomon.

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts

Criminals are increasingly using your computer or smart phone to mine for crypto-currencies. That’s the conclusion of a report this week from security vendor Comodo after looking at customer data. During the first three months of this year, crypto-miners surged to the top of detected malware incidents. For a time, they have displaced ransomware as the number one threat. Through malware, crypto-mining software gets secretly installed on your device, then uses the processor power in the background to crunch calculations that earn hackers digital currency. One way you’ll notice you’ve been infected is if your device slows down. There are variations of crypto-mining malware that don’t install files. Instead they run in memory.

The report also warns that password stealing malware is getting more sophisticated and cunning.

Our recommendation: Make sure your devices have good anti-malware protection.

Speaking of stealing passwords, a University of Iowa student has pleaded guilty to hacking into university systems and changing grades for him and five other students. The Daily Iowan newspaper reports professors’ usernames and passwords were stolen through a key logger to accomplish the switch.

The incident cost the university about $68,000 in breach discovery and fixing costs. The student will be sentenced in August.

In a joint technical alert the FBI, the U.S. Department of Homeland Security and Britain’s National Cyber Security Centre have issued an alert accusing Russia of supporting groups that exploit network infrastructure devices such as routers and switches. The goal is espionage and intellectual property theft. Rather than install malware, the attackers take advantage of holes in the network equipment, including the fact that some are old and aren’t getting security patches any more.

Network devices are ideal targets. Taking over an organization’s gateway router gives the opportunity to monitor, modify, and deny traffic to and from the organization. Taking over an internal router does the same.

What companies and government departments have to do is follow basic cyber security practices: That includes changing default passwords on devices, and replacing them with strong passwords. It also means not allowing Internet access to the management interface of any network device. Manufacturers have to make network products that only support encrypted communications. And Internet service providers should replace old equipment as soon as possible.

Finally, this week Microsoft announced a hardware and software solution to the pesky problem of insecure Internet-connected devices like home surveillance cameras and the like. I have a detailed story on ITWorldCanada.com.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast