Hackers are stealing more than your money and data these days. Now, they need your computing power to do their dirty work, too. The latest threat to businesses – cryptojacking - could be crippling your network, whether you realize it’s happening or not.
Cryptocurrencies, or payment for hackers and cyber criminals, are earned through a process called cryptomining where criminals have to solve complex mathematical problems to validate their transactions. Criminals use software, requiring massive amounts of computing power to do so.
In order to acquire this computing power without exhausting their own resources, criminals may embark in cryptojacking – a process by which cyber criminals hack into the networks of unsuspecting victims and leverage their computational power to do their cybermining. The result is a slowing or crashing of the victim’s computer systems, lost productivity, high energy costs and even equipment crashes and subsequent replacement costs.
How does cryptojacking happen?
Cyber criminals can access your computational power in a few ways:
- Phishing email: The hacker will send a malicious link or attachment via email. When an unsuspecting employee clicks on it, a code injects a cryptomining script on the target computer. The script will run continuously, often undetected.
- Drive-by mining: A cryptojacking script is injected on targeted websites or pop-up ads. When a victim visits that website or receives a pop-up from the infected ad, the script will run and infiltrate the network.
- Rogue employees: Insider employees that have access to IT infrastructure can set up cryptojacking systems, including physical servers, in any work environment.
How can you prevent it?
There are a few best practices you can institute to help prevent cryptojacking, including:
- Leverage web filtering tools that block websites known to spread cryptojacking scripts.
- Engage a cryptojacking ad blocker to prevent infected ads from popping up.
- Implement endpoint technology to detect known cryptominers as they penetrate the network.
- Manage vulnerable apps and malicious extensions using mobile device programs for an extra layer of protection.
- Educate employees to better recognize phishing emails.
Will insurance cover cryptojacking?
With the vast number of exposures and potential losses when it comes to a cyber attack of any kind, there is no one size fits all cyber policy. However, working with your broker can ensure that the following areas of risk transfer are covered under your cyber policy:
- Business Interruption – The cumulative effect of the slowing of hundreds or thousands of computers in one organization can lead to significant costs over time. Components may fail prematurely due to overuse, and critical controls may be affected. The resulting downtime and restoration process can cause financial loss, which may be recovered under a cyber insurance policy.
- Network Security Liability – If a business unknowingly transmits a cryptomining code to other organizations, they could face legal liability. Litigation costs and settlements may be covered under a cyber policy.
- Crisis Management – Once a hacker has access to your network via a cryptojacking attack, they could also access sensitive information to monetize, such as Social Security numbers and financial records. Costs to retain external vendors to investigate and respond to such an attack, including IT forensics firms, privacy attorneys, credit monitoring fees, notification and call center costs, may all be covered by a cyber policy.
Contact your HUB Cyber Specialist today to find out how you can best transfer your risk of a cyber attack.