Many Canadian organizations are unknowingly affected by cryptocurrency mining: Darktrace report

Is your organization’s computing power being used by external forces for cryptocurrency mining? While many data breaches occur with the goal to steal data, as cryptocurrency reemerges as a popular trend with the rise of currencies like bitcoin, hackers are now breaking into systems to use an organization’s computing power to mine cryptocurrencies.

According to Darktrace’s Threat Report 2018, the cyber AI security firm detected cryptocurrency mining in 25 per cent of all of its customers’ networks over the last six months. Hackers are re-purposing company computing power with mining malware that can take power from PCs, servers, and any other device connected to the network.

“Those who are able to get into any network and put cryptocurrency mining malware onto computers can just start mining away,” David Masson, Canada Country Manager at Darktrace, told ITWC. “And it’s not just the computer power they’re using – they’re also using the company’s electricity supply as well because it takes a lot of power to actually do this.”

Darktrace estimates that a thousand-strong army of hijacked computers could make roughly $200,000 per year, and it’s not just outside hackers who are realizing this. Employees themselves have realized the financial opportunity available. While these employees may not be stealing data, mining malware inherently slows the entire system and the productivity of the network by stealing power on a daily basis, and since it is an unknown presence on the network that is unpredictable, it poses a risk to the wider infrastructure.

And here’s the real caveat: unlike ransomware or forms of attack that spread quickly and make its presence known, cryptocurrency mining can run in the background for months and months on end without being detected.

“If it’s an insider, the kind of technologies that you have out there right now are based on rules that just won’t see [mining malware]. You can’t find the insider and they’re a high level user with a fantastic buffet of excuses to explain why they’re doing what they’re doing. Untrained noses won’t find this, they won’t see it,” explained Masson.

That’s where Darktrace’s artificial intelligence-powered cyber defense comes in. For example, in the threat report the company details how a 500-person law firm with traditional security that scanned for known threats was unaware that a summer intern had installed bitcoin mining malware that co-opted more than 75 computers.

“If you’re going to try and guess what bad is going to be – try and pre-define bad based on past experience – that’s great, but it’s probably not going to be good enough because at the end of it, it’s a bit of a guess. Let’s not try and keep up with the scale of the threat because you can’t. There’s too much of it, it’s too complex, and it’s moving too fast. Humans can’t keep up,” said Masson.

Darktrace’s AI defense technology was able to detect that summer intern’s mining malware by catching the anomalous behaviors. It can spot the deviating behaviors that stand out, even if only slightly, and compare what is normal to that network.

“Let’s turn it the other way. Let’s get an understanding of the network. Let’s know the pattern of life of the network and everything that’s in it whether it be a user, device, subnet, etc., and then look for a change to that pattern of life. Will all change be a threat? No, but all threat will be a change in there. You not only get 100 per cent visibility of your network, but you will also see a threat in it’s very early stages,” Masson said.

Cryptocurrency mining isn’t the only threat outlined in the Darktrace report. Darktrace also found that 65 per cent of early-stage threats are due to “insiders misusing legitimate access to damage their employer, either knowingly or unknowingly.” The cybersecurity firm also found a 400 per cent increase in the number of IoT security incidents due to the vulnerability of such devices on the edge.

For the whole Darktrace Threat Report 2018, you can find it here.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Alex Radu
Alex Radu
is a Video Producer for IT World Canada. When not writing or making videos about the tech industry, you can find him reading, watching TV/movies, or watching the Lakers rebuild with one eye open.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now