Prevent Cryptocurrency Mining Hacks

The healthcare industry has been hard hit by ransomware attacks. However, research by Kaspersky Lab finds that cryptocurrency mining hacks (cryptojacking) have overtaken ransomware attacks, up by 44.5% from 2016-2018. The news that ransomware attacks have declined 30% during the same time period may be good news to healthcare and other popular ransomware targets, but the rise in cryptojacking gives those same targets something new to worry about.

Check Point's Global Threat Index for 2018 puts cryptojacking at the top of the list of malware threats, surpassing the once rampant ransomware. Not that ransomware has disappeared by any means, but cryptomining hacks are currently the largest threat landscape for healthcare and many other industries and even for individuals. Cryptomining is the process of mining cryptocurrency, an alternative e-currency to traditional currency. The most well-known of this type is Bitcoin, but there are many others. It takes massive amounts of energy to mine, and this is where hacking comes in. Webopedia defines cryptojacking as “unauthorized mining” of cryptocurrency, and “users either get infected by a cryptomining malware program or visit websites that…run cryptomining software in the background without the user’s consent.” The overall effect of cryptojacking on systems and networks is a dramatic slowdown, and in some cases can destroy batteries and devices. With cryptojacking on the rise, institutions need to be aware of the telltale signs, as well as keeping ransomware in their sights.

• Train IT and support to detect cryptojacking. Beware of your device slowing down, acting strangely, and/or overheating. Using antivirus software may help detect cryptomining.

• Integrate cryptojacking threat into cybersecurity training, including delivery through phishing attempts.

• Keep operating systems up-to-date. Apply security patches as soon as they are available. When the developer no longer supports your OS, upgrade it to one that is.

• Keep aware of cryptojacking trends. Like other hacks, cryptojacking trends may change the ways in which it’s delivered into systems. If you know how it enters, you should be able to prevent it.

• Use ad blocking software or consider using anti-cryptomining extensions on web browsers to block cryptomining scripts. Just be sure to do some research and read reviews of them and that they are safe to install.

• Backup systems on a regular basis. If cryptojacking damages devices or systems, their content can be retrieved from a recent backup file. Make sure to check backup systems to assure they work when you need them to.

• Always watch out for the ever-present phishing attacks. If links or attachments arrive in your in box unexpectedly or from unknown senders, just don’t open them. Often cryptojacking malware comes by way of phishing.