Playbook Volume 9 - ChannelVision Magazine

clicks the infected link it executes a cryptomining script, which runs si- lently in the background. Another common strategy is to scan a website for vulnerabilities and inject JavaScript. Then, whenever a visitor clicks on the website, the script activates automatically and steals the user’s processing power. Showtime and Politifact.com are two major websites that have been hit with this type of attack. Cloud servers are also becom- ing an increasingly common target. Tesla, for instance, recently had cryptojacking scripts operating on unsecured Kubernetes instances. According to RedLock, the scripts were connected to servers hiding behind the CloudFlare content deliv- ery network. Tesla was unaware that cryptojacking was taking place. Why cryptojacking is a problem While cryptojacking may seem like a milder form of cybercrime than, say, ransomware, it still poses a legitimate threat to businesses and internet users — especially as cryptojacking malware continues to evolve. It shouldn’t go overlooked that Check Point placed cryptomin- ing malware on its monthly “Top Ten Most Wanted Malware Index” four consecutive times this year. In one recent example, news broke about a type of malware called WinstarNssmMiner that not only mines for Monero coins but also crashes operating systems. This strand of malware spread across 500,000 machines in only three days via compromised web- sites and email. For retailers, cryptojacking also poses a direct threat to the customer experience. By injecting cryptojack- ing malware into a website, a hacker can slow down end users’ browsers and drain their batteries — result- ing in reduced performance, and preventing customers from making transactions and accessing content. Whattotellyour customers While cryptojacking sounds intimidating and can lead to a variety of negative consequences, it’s not really a million-dollar sales opportunity. Cryptojacking is simply one more item to add to your ever-growing list of cy- berthreats. You can use threats such as cryptojacking, ransomware and worms to start a larger conversation about imple- menting a comprehensive, multi-faceted cybersecurity strategy. There is no single solution that you can sell that can keep your customers completely safe online. RedLock suggests businesses should use a combination of network traffic, configuration, activity and host vulnerability monitoring solutions to protect cloud environments. You may not be able to keep hackers out of your network entirely, but you can layer technologies that make it harder to get inside. Credential management software also can be used to prevent unauthorized users from gaining easy access to backend systems. o Top Reasons WHY ENGAGE ONESTREAM NETWORKS? Global Leader. Carrier-Grade. Comprehensive. Cloud Communications and Collaboration global, localized Hosted PBX / BroadSoft Unified Communications advanced global SIP trunk consolidation global DID/DDI and number porting in-country call termination with CLID and special-digits localization PSTN replacement in every country Software-Defined Networking (SD-WAN) zero-outage hybrid networking carrier-grade Versa Networks managed voice quality of service advanced managed security The Extreme Global Cloud geo-distributed global cloud infrastructure mirrored and meshed for 100% uptime simple, powerful management and reporting OneStream Networks | (877)877-1220 sales@onestreamnetworks.com 17 THE CHANNEL MANAGER’S PLAYBOOK