Cryptocurrency related attacks have surpassed all other types of cyber attacks in 2018. Spike in cryptocurrency prices and beefed up security measures following relentless run of heists have compelled threat actors to adopt unethical means to mine cryptocurrency. Cyber criminals have turned to launch Cryptocoin mining attacks on users’ system and exploit their resources.
Recently an automated mining Attack on Canadian University, St. Francis Xavier launched by unknown threat actors compelled the university officials to shut down its entire computer network for four days.
The mining attack was launched to steal computing power and bend it towards cryptocurrency mining.
Insights of Mining Attack on Canadian University
Nova Scotia’s St. Francis Xavier University unveiled a Crypto Jacking scheme on 15th November 2018 on its networks. The malicious software was implanted on the servers that attempted to utilize the StFX’s collective computing power to mine cryptocurrency for monetary gains.
Though there is no evidence of loss of personal information within the compromised network, the breach interfered with basic access to following network resources:
- Email accounts
- Debit transactions
- Online courses
- Storage Drives
Following the incident, security specialist disabled all network systems and asked students and faculty to change the passwords of all the services they were using.
To reduce potential risks, representatives of school have decided to regain access to campus resources in stages.
Also, to avoid any future attacks, ITS has undertaken safety measures & implemented high security.
How did the malware invade the University’s servers?
The exact cause of malware infiltration is not yet known. However, in most cases crypto jacking of host computers occurs via phishing schemes. These schemes are designed to covertly install mining malware on unsuspecting machines.
- Poor Digital Hygiene is the major cause of such cyber attacks. Old unpatched systems that lack important security updates act as a doorway for malware intrusion. For Instance, research reveals that Eternal Blue vulnerability in old Windows systems have earlier led to illicit mining of cryptocurrencies like Monero.
- Installation of illegitimate software in disguise: Threat actors design fake applications that masquerade as legitimate computer program to swindle users. Earlier instances have revealed that a fake Adobe Flash updater was designed by cyber maniacs that included malware code in the main software payload. Installation of this fake application led to the intrusion of a crypto jacking malware that ran malicious script in the background without user knowledge.
- Click on spam email attachments: Click on email attachments from unrecognized senders can also lead to malware infiltration in the system. Such reckless attitude can result in the disruption of important systems like the one at St. Francis Xavier.
Steps to follow to keep Crypto currency mining threats at Bay
Cryptojackers usually target institutions with large networks as a single attack can gain them more computing power. Hence stringent security measures should be undertaken to secure systems from getting infected by coin mining malware. These include:
- Installation of security programs in the system goes a long way to avoid attacks by Cryptojacking malware.
- Maintaining good cyber hygiene by refraining random clicks on suspicious links and spam emails is utmost important.
- Keeping OS and installed applications up to date is deemed necessary to avoid Crypto currency mining threats.