Playbook Volume 9 - ChannelVision Magazine

The Rise of Cryptojacking In RedLock’s most recent “Cloud Security Trends” report, it was re- vealed that 25 percent of organiza- tions currently have cryptojacking occurring in their cloud environments. Last quarter, just 8 percent of compa- nies were suffering from cryptojack- ing, indicating explosive growth in a very short amount of time. This growth may be related to the saturated and overpriced ransomware market, the report suggests. Hackers are seeking new revenue streams, and cryptojacking is one alternative that is rising in popularity even though the payouts are less dramatic. Before we dive deeper into this cy- berthreat, let’s start by reviewing how cryptocurrencies work. About cryptocurrencies Cryptocurrencies are digital cur- rencies protected by encryption. They enable fast, anonymous and secure payments and eliminate the need for banks and clearing houses. Bitcoin is widely considered the top cryptocur- rency today, but there are more than 1,600 currencies in use. It’s a rapidly growing market that could top $1 trillion by the end of this year. Behind every cryptocurrency is a blockchain, or a shared public ledger containing a complete history of the cryptocurrency’s transactions. This ledger gets distributed equally across a peer-to-peer (P2P) network of comput- ers. Each cryptocurrency has its own P2P network and unique blockchain. For security purposes, all transac- tions must be checked before they can be entered in a blockchain. Basically, end users attempt to break encrypted data sets using powerful computers in a process called cryptomining. With Bit- coin, miners repeatedly submit solutions to complex mathematical equations until they break an encrypted code. Once a code is broken, a proof-of-work must be submitted and verified. Then, a block gets added to the blockchain and the user receives compensation in the form of cryptocurrency for their labor. Howcryptojackingfits in As you can see, there is nothing wrong or illegal about cryptomining. It’s is an important part of the cryp- R ecently there has been a major uptick in a type of cybercrime called cryptojacking, where hackers steal private computing resources and use them to “mine” for cryptocurrencies. Report finds threefold increase in cloud cryptojacking this quarter topayment process. The issue is that cryptomining is extremely resource- intensive, and it’s going to get even worse moving forward. Sources indicate it takes about 215 kilowatt hours (kWh) to mine just one Bitcoin transaction, which is the same amount of energy required to keep the lights on in your house for a whole week. By the end of this year, Bitcoin alone could use half a percent of the world’s total electric energy, or 7.7 gigawatts. “The main problem is that the ener- gy consumption primarily relates to how agreement on the underlying blockchain is reached,” stated blockchain special- ist Alex de Vries. “Mining makes it a big competitive lottery where the winner — every 10 minutes — gets to create the next block for the blockchain. The built- in reward for this process is fixed, so it motivates participants to constantly add new machines to the network to get a bigger slice of the pie — the more com- putational power the more you win.” Instead of paying for expensive computing resources, a growing num- ber of miners are now using crypto- jacking to steal processing power from internet users and businesses. Howcryptojackingworks There are a few different crypto- jacking strategies that hackers are using today. The easiest and most effective way is to get an unsuspect- ing end user to click on a baited link, using phishing tactics. Once the user 16 THE CHANNEL MANAGER’S PLAYBOOK