Managing CryptoMining Risks

Digital currencies, such as BitCoin, have brought the profile of blockchain technologies in to the public domain, and with it comes new risks to manage including CryptoMining.

In the early days, mining crypto-coins was a lucrative past-time for someone with spare computing capacity, often utilising the GPU (Graphics Processor Unit) for speed. Processing transactions on the blockchain was rewarded by the creation of new coins given to the ‘miner’.

While the returns from mining crypto-currency are diminishing, there are still cyber criminals looking to use both the processing power of a hijacked machine and bandwidth of public internet provisions to make a profit.

Having this activity uncontrolled on your IT estate could impact others on the network, and if you operate a public or guest wifi facility, you may want to consider if you allow it at all.

IT Controls

Users of hijacked machines may not know that they are mining crypto-currency at all, and this underlines the importance of knowing what’s happening on your network at all times.

Good quality, up-to-date malware protection will reduce the risk of miner-malware infecting machines on your network and covertly using local system resources to mine cryptocurrencies.

As always, malware protection should be paired with user awareness to prevent threats entering the network in the first place.

Network monitoring will help you detect CryptoMining after-the-fact.

Looking at DNS requests for certain keywords could help you spot a machine that reaching out to a mining pool or other resource.

While Intrusion Detection (IDS), which comes as a module available on many corporate Firewall boxes these days, can provide a more intelligent safeguard.

Internet Policies

Some guests, and even employees, may not see the harm in mining while on your network, so an update to your WIFI, visitor and internet policies could be required as a soft control that sets out your expectations from the start.

Organisational Controls

There are many organisational controls which can be applied to minimise the threat from CryptoMining.

ISO 27001 is an international standard for an Information Security Management System, which can be certified by a UKAS Accredited Body. Certification aside (it can be great for tenders), the standard sets out a risk management framework including controls that can be used to treat risks.  Implementing ISO 27001 will provide you with a way to govern your security arrangements.

Cyber Essentials and Cyber Essentials Plus are also worth while schemes, with the PLUS version requiring a Pen Test. This takes a more technical approach and fits well with the management approach of ISO 27001, above.

Pen Testing and Vulnerability Scans are always a valuable tool to detect weakness which may already exist or have occurred unexpectedly from a change on the network.

Impact of CryptoMining

Organised CryptoMining uses a lot of energy, but even isolated compromised machines can see an increase in processor activity, which can compound across a large network.

In addition, CryptoMining causes computers to utilise all their available resources, which can have knock on effects such as increased need for system cooling.  This all has an impact on the lifespan of a machine.

Summary

New technologies open up new human and IT threats to understand and manage.  It’s important to take the right approach for your organisation and have confidence in your controls.

For help with any of the above services or Risk Management in general please contact us.