What Is Cryptomining and How to Protect Against It

Regardless of your background or industry, it’s likely that you’ve heard of Bitcoin and other virtual currencies over the past several years. We’ve all seen the news lately—cryptocurrency mining attacks are on the rise. To better protect against these threats, let’s first take a step back and define some of the terms you may come across.


Cryptocurrency is a digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank. Cryptocurrency mining, or cryptomining, is simply the process of generating new units of the cryptocurrency. In the case of say, Bitcoin, a miner uses their computing power to verify peer-to-peer (P2P) Bitcoin transactions and is rewarded with new Bitcoins proportional to the amount of computing power they donated to the Bitcoin network. Finally, cryptojacking is the secret use of your business’ computing power to mine cryptocurrencies through individual machines in browser JavaScript exploits, cloud AWS instances, and so on.

A Growing Market and Threat Landscape 

From 2017 to 2018, we saw the cryptocurrency market capitalization grow from $26B to more than $835B. Today, it’s under regulated and highly volatile—daily 30 percent swings are not uncommon. Malicious actors are looking to make lots of money while staying anonymous. Unlike ransomware, cryptomining attackers don’t need to actually engage the victim—making it much easier for them to secretly continue mining cryptocurrencies, completely unnoticed. In general, cryptocurrency mining can use up a considerable amount of computing power and energy that would otherwise be incredibly valuable to any organization.

Over the past year, we’ve seen malicious cryptocurrency mining continue to grow. Our security research team, Cisco Talos, has found that this threat is spreading across the internet like wildfire, and is being delivered through multiple vectors such as email, web, and active exploitation. Organizations need to start making tough policy decisions regarding cryptocurrency mining to protect their environments.

How Can You Protect Against Cryptomining?

At Cisco Umbrella, we’ve seen a 14x increase in the amount of crypto-related activity in only a few short months. And, a high volume of this activity is targeted at Managed Service Provider (MSP) environments.

As an MSP, it’s critical to secure your clients’ environments and ensure they are protected from today's evolving threat landscape.

The best way to protect against malicious cryptomining is to first identify if it’s occurring in your clients’ environment and—assuming they do not mine cryptocurrencies as part of their daily business activities—block any cryptomining activity. With Umbrella, you can easily set security policy settings to enable our cryptomining block category and block crypto miner pools and web miners from utilizing your clients’ environment to mine cryptocurrencies.

Cisco Umbrella is a Silver sponsor of Navigate 2018! If you’re ready to learn more and see Umbrella in action, stop by our booth or sign up for a free 14-day trial.


Handpicked for you:

Download Explaining Cyber Security eBook