When employees mine coins with work computers, much can go wrong. But there are some ways to stay safe.

David Shefter, Chief Technology Officer at Ziften Technologies

February 28, 2018

4 Min Read

Whatever the latest hot, new cryptocurrency is — be it bitcoin or one of its quickly sprouting rivals — doesn't matter: coin mining and trading activities by employees and by hackers is a considerable security problem in the enterprise.

Cryptocurrencies and the industries sprouting around them are infecting enterprise desktops and servers with malware, making systems vulnerable to cyberthieves, and draining electricity. They could be after customer lists, passwords, databases, or looking to turn your computers and devices into bots, ready to spread more malware.

The threats might start from employees, if they choose to try to make a couple of extra dollars by mining or trading cryptocurrencies. Today, insiders are the biggest problem, as they are more than likely using enterprise-owned computers or company-owned Wi-Fi to pursue their cryptocurrency interests. Cryptocurrency is the new day trading, both disruptive and dangerous, and this is due to the nature of the software that needs to be used for those activities.

There are two types of software. One works to mine cryptocurency coins; the other manages digital wallets.

Coin-mining software uses CPU cycles and memory on the end user's computer to solve complex math problems. The more problems that are solved, the more coins are mined (created) and a portion is added to the user's account. Coin mining requires computing horsepower in order to make just a few pennies' worth of cryptocurrency. The more powerful the computer, the faster the employee makes money. If the employee can manage to harness multiple desktop/notebook computers — or more powerful computers, such as corporate servers or cloud resources — the employee makes even more money, but the enterprise suffers.

There are two dangers. First, running mining software consumes considerable electricity. Second, if coin-mining software is installed on servers, it's reducing the amount of server processing capability to be used for legitimate work. Today, mining bitcoins requires too much processing power to be efficient, and so employees are mining newer or less-known currencies, such as Monero and Ethereum. Don't underestimate electricity consumed by mining. By comparing it to playing computer games, if a regular gaming computer runs for eight hours, it is 2,000 kW/h per year of electricity. With mining, it's more like 5,000 kW/h. That's thousands of dollars wasted.

A second threat is digital wallets, software used to manage digital currency accounts. They are targeted by cyberthieves, who break in to steal the cryptocurrency coins. If those wallets are stored on company-owned computers, hackers are breaking into your own resources, including your computers, servers, or network.

Digital wallets and mining applications are not carefully written applications by name-brand vendors. More likely, they are written by anonymous sources, and distributed via questionable means via the Dark Web. To obtain software for cryptocurrencies, one has to get near questionable parts of the Web, websites targeted by hackers, and the software may be a Trojan for malware. For example, EtherDelta, a coin exchange marketplace that was taken over by hackers in 2017 by subverting the website's DNS information. This allowed the hackers to steal cryptocurrency coins.

Hackers may try to subvert employees' coin-mining/trading activities via malware installed on coin applications. Another recent danger is the use of malicious JavaScript or malicious ads to do some of the calculations needed to mine software — but this time, on the hacker's account. Software on web pages use the end-user's computer to perform calculations around the clock. Those actions can be delivered via JavaScript, using browsers like Firefox, Chrome, Safari, or Edge. Most JavaScript is fine yet can be turned malicious.

Stay Safer
So, what can you do? A few things:

  • Make sure your antivirus software is up to date on all corporate assets, and that your AV solution blocks coin software. Contact your vendor to make sure.

  • Don't allow non-corporate devices to access the enterprise network, and that includes personal devices, such as the employee's personal computer brought into the office.

  • Set strong policies against the use of mining or coin-management software on enterprise devices or in the workplace — treat it as you would pornography or other disruptive and dangerous software.

  • Configure firewall policies to block access to known websites involved in cryptocurrencies or which are hubs for the distribution of coin software. This is an ever-changing list, so you must be vigilant.

  • Sites to consider blocking include coinbase.com, cex.io, binance.com, kraken.com, etherdelta.com, coindesk.com, and blockchain.info.

  • Monitor corporate computers to see if they have excessive CPU or memory utilization, which could be the result of coin-mining software.

In conclusion, be aware of myriad cryptocurrency coin issues to better foster a culture of security in your enterprise before it becomes an epidemic.

Related Content:

 

 

Black Hat Asia returns to Singapore with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier solutions and service providers in the Business Hall. Click for information on the conference and to register.

About the Author(s)

David Shefter

Chief Technology Officer at Ziften Technologies

David Shefter serves as Chief Technology Officer for Ziften Technologies, where he brings an expansive background in security, IT, and emerging technologies for finance. Previously, he served as Senior VP of Innovation and Emerging Technology at Citigroup. Shefter is responsible for Ziften's long-term technology vision and strategy, strategic technology partnerships, and technical product strategy. An executive with over 20 years of experience in technology and financial markets, Shefter previously held senior management positions at IBM, DEC, and Merrill Lynch, in addition to several startups in the hosting, Web services, consulting, and legal industry spaces. Shefter has an expansive record of driving innovation initiatives, while providing vision and operational expertise in creating expanded capabilities. David is a leader in expanding the relationship of IT across a varied business landscape, and providing strategic direction in technologies and systems for high visibility environments in support of business initiatives. Shefter holds a B.A. from Pace University.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights