Cryptocurrencies are enjoying a revival at a time when FinTech innovation is meeting the demand for faster and simpler digital payments. Better payment systems and wider adoption of paperless transactions have prompted a renewed focus on existing and new cryptocurrencies. However, cryptocurrencies are not as stringently regulated as “fiat” currencies, so industry regulators must work harder to address and combat cybersecurity threats.
Cryptomining plays a key role in the progression and growth of the crypto market, but it also presents a serious threat to computer systems and user data. We explore the process of cryptomining and the key threats that it poses.
What is cryptomining?
So, what is cryptomining? The practice of “cryptomining” (or cryptocurrency mining) involves adding various cryptocurrency transactions to the blockchain. Rather than minting coins or printing banknotes to activate units of fiat currencies (those deriving value from an issuing government, rather than goods or commodity), the process for cryptocurrencies is very different. This is where cryptomining and the blockchain come in.
Cryptomining validates transactions and updates them into the blockchain ledger. This public ledger supports the activities of digital currencies and records each transaction across its network. The generation of units of fiat currency is operated under a central authority, which issues new notes and destroys older ones. But with cryptocurrencies, such as bitcoin, units are generated through the process of cryptomining.
How does cryptocurrency mining work?
The role of blockchain
In the crypto market, the blockchain makes a record each time cryptocurrency “coins” are bought or sold, assembling them into connected blocks. All transactions must be verified by other users on the network to ensure the integrity of the cryptocurrency units. This verification process prevents digital tokens from being used to initiate multiple transactions (“double spending”).
In cryptocurrency mining, miners deliver the processing power to create new blockchain coins. The miner generates the block contents and algorithmic outputs that make up new blockchain transactions. Miners must validate 1MB worth of transactions to secure new coins before solving a numeric problem to generate a 64-digit hexadecimal number (called a hash). The so-called hash rate determines the performance of the cryptocurrency network.
The hash rate (or hash power) is the measuring unit for how much power the network is consuming to be continuously functional. It is determined by the algorithmic functions that form hashes. The crypto network consumes a lot of energy as it has to solve intensive calculations regularly to find the blocks.
Cryptocurrency mining hardware and software
While anybody can mine for cryptocurrency, there are centralised cryptomining operations which utilise mining hardware to feed the cryptocurrency market. This includes crypto exchange services to convert national currencies into cryptocurrency values.
There is cryptomining hardware available which provides the power to authorise crypto transactions. The hardware requires specialised a GPU chip or ASIC (application-specific integrated circuits), a cooling system for the hardware and uninterruptible connection to the Internet. And cryptominers then need access to legitimate cryptomining software packages and be a member of a cryptocurrency exchange or online mining pool.
What are mining pools?
Cryptominers can work in groups to create a mining pool, with rewards being shared according to each miner’s contribution to the hash power. The largest mining pools can be found in China, which controls around 80% of the whole network hash rate. Why China? Electricity is cheap in the country, whilst some of its power corporations actively support cryptominers. Miners working independently of crypto mining pools are known as solo miners. Cryptominers rely on nodes to carry out the task of mining cryptocurrency.
What are nodes?
Essentially, nodes can be any electronic device with an internet connection and IP address. Nodes maintain a blockchain copy and process transactions. They are controlled by cryptominers and used to validate transactions and receive transactional fees.
When nodes are notified of new transactions, they carry out validation checks, including verifying the cryptographic signature attached to the transaction to ensure its legitimacy.
Cryptomining threats, malware and cybersecurity
The threats emerging from new technologies
Technological advances have changed the landscape of Financial Markets and led to economic growth, but whilst FinTech innovation enables faster movement of money, simplified cross-border payments and the emergence of new digital currencies, there are fresh threats to data security and risks of cybercrime. This includes the spread of cryptomining malware.
According to a PwC report, fewer than half of global businesses are adequately prepared for a cybersecurity attack.
Cybercrime is an increasingly serious threat and it can be hugely damaging for businesses. In fact, it’s been forecasted that the global costs of cybercrime will reach $6 trillion per year by 2021. (Source: 2019 Cybersecurity Almanac from Cybersecurity Ventures).
Cryptomining malware
Cybercriminals use cryptomining malware to harness the processing power of computers, mobiles and smart devices, for financial gain. Browser-based cryptocurrency mining services, such as Coinhive (now shut down), offer hackers the tools to enable website owners to trigger online visitors into cryptocurrency mining, often without any indicators.
This practice, known as cryptojacking, is the unauthorised use of someone’s electronic device to mine cryptocurrency and infect IT infrastructure with cryptomining software. Cryptojackers get users to click on malicious links in emails or infect websites or digital ads with JavaScript code that auto-executes when loaded on the victim’s browser. Cryptomining malware works in the background, often without users’ knowledge or consent.
Cybercriminals are becoming more sophisticated at hiding their malware, and cryptojacking can be very difficult to detect. It is estimated that more than 500 million users are mining cryptocurrencies on their devices without realising it. (Source: AdGuard)
How to protect yourself from cryptomining threats
The best way to detect malicious cryptomining is to monitor the network for suspicious activity. However, cryptomining traffic can be difficult to distinguish from other types of communications, as messages are very short and malware writers use techniques to obscure them. Tell-tell signs are the slower performance devices, lags in the execution of tasks or even overheating.
Luckily, there are various cybersecurity software solutions available to help IT teams prevent the threat of malware, including AI-based analytics systems and machine learning programs. Even if the traffic is encrypted, communication periodicity, message length, plus other indicators, can be monitored to help systems detect infections. Automation can issue rules to the firewall to isolate and block certain traffic, whilst the machine learning technology offered by the latest threat protection software can proactively monitor and prevent issues before they occur.
The most effective way to detect cryptocurrency mining is on the endpoint. Antivirus software, such as Windows Defender (built into Windows 10), can help block browser-based attacks and browser extensions, including ad-blocking or anti-cryptomining extensions, can protect against cyberjacking. Many endpoint protection/antivirus software vendors have added cryptomining detection to their products.
Summary
We hope this article provides a handy overview of what cryptomining is all about, what is involved in the practice and the threats to be aware of. With digital currencies on the rise, you need to be prepared for the impact, both positive and negative, on your operations.
As we mentioned, malicious cryptocurrency mining is prevalent and can pose a serious threat. DarkTrace, SecBI, CipherTrace, Watchguard and CrowdStrike are leading names in cybersecurity, offering solutions to combat cryptomining malware. Networking vendors like Cisco also offer breach defence solutions to support businesses with data threat protection.
Want to get more insights about data security? Check out our blog on mobile data breach prevention: 7 Data Breach Prevention Tips for Increasing Mobile Device Security.
If you’d like advice on how to bolster your network security, you can get in touch with us and speak with a Vohkus data security specialist.