Regardless of your background or industry, it’s likely that you’ve heard of Bitcoin and other virtual currencies over the past several years. We’ve all seen the news lately—cryptocurrency mining attacks are on the rise. To better protect against these threats, let’s first take a step back and define some of the terms you may come across.
A Growing Market and Threat Landscape
From 2017 to 2018, we saw the cryptocurrency market capitalization grow from $26B to more than $835B. Today, it’s under regulated and highly volatile—daily 30 percent swings are not uncommon. Malicious actors are looking to make lots of money while staying anonymous. Unlike ransomware, cryptomining attackers don’t need to actually engage the victim—making it much easier for them to secretly continue mining cryptocurrencies, completely unnoticed. In general, cryptocurrency mining can use up a considerable amount of computing power and energy that would otherwise be incredibly valuable to any organization.
Over the past year, we’ve seen malicious cryptocurrency mining continue to grow. Our security research team, Cisco Talos, has found that this threat is spreading across the internet like wildfire, and is being delivered through multiple vectors such as email, web, and active exploitation. Organizations need to start making tough policy decisions regarding cryptocurrency mining to protect their environments.
How Can You Protect Against Cryptomining?
At Cisco Umbrella, we’ve seen a 14x increase in the amount of crypto-related activity in only a few short months. And, a high volume of this activity is targeted at Managed Service Provider (MSP) environments.
As an MSP, it’s critical to secure your clients’ environments and ensure they are protected from today's evolving threat landscape.
The best way to protect against malicious cryptomining is to first identify if it’s occurring in your clients’ environment and—assuming they do not mine cryptocurrencies as part of their daily business activities—block any cryptomining activity. With Umbrella, you can easily set security policy settings to enable our cryptomining block category and block crypto miner pools and web miners from utilizing your clients’ environment to mine cryptocurrencies.
Handpicked for you:
By Lily Teplow
By Brian Downey
By Dave LeClair