As a CIO and educated facilitator of technology – In the world of data security, cryptocurrency mining software is often overlooked or discounted as a threat because it doesn’t do serious harm to the infected system, but time and time again users are finding this embedded on their systems, servers and critical databases that house their infrastructure.
It bleeds off computing resources, putting them to work for the miners who control the software, working for them to solve complex cryptographic puzzles which generate revenue for the hackers. However, that’s not much of a direct threat. As such, relatively few resources are put toward dealing with such infections. They simply tend to be given a lower priority.
That’s almost certainly a mistake for a couple of different reasons:
First, the amount of computing power this type of malware eats up can be quite severe. In some cases, it utilizes up to fifty percent of the infecting computer’s processing power, which as you might expect, can dramatically impact system performance.
Second, and more troubling and problematic, is that the mining software establishes a beachhead on your network. Once any type of mining software is installed and running on a target system, it’s in communication with the hackers’ command and control server. Anytime the hackers choose to, they can use that connection to install more damaging malware on the target system, including keyloggers, scrapers, ransomware, and the like.
Even worse, hackers can use their toehold inside your network to infect any other device that the initially infected PC is connected to on your network, which means that very quickly, you could go from having a single infected PC to having a network-wide problem that can bring your company to its knees.
The bottom line is simply this: Cryptojacking may not appear overly dangerous on the surface, but if they’re not dealt with quickly and decisively, they could open the door to much more significant issues. Make sure your IT staff is giving these types of infections the attention they deserve or reach out to me to find out about how you can combat these types of threats or attacks with managed services or through proactive auditing.
I provide CIO and IT Support Services alongside a mid-sized technical support team of engineers for business. Bastionpoint Technology is a managed service provider for businesses ranging from 1-500 users! We specialize in Legal, Medical, and Professional services, but support so much more. Retail, Finance, Healthcare, Manufacturing, Non-Profits, and you’ve certainly heard of our clients. We offer unlimited on-demand services, with an on-demand price point to meet every client’s needs. Just call on us – we put your business first!