Cybercrime changes complexion depending on the business environment. If medical data fetches a premium, hospital systems will become prime targets. If the value of Bitcoin goes up, crypto miners will find ways to hijack compute power (aka cryptojacking). So it comes as no surprise that Symantec reported a sudden 163 percent flare in cryptojacking events in Q2 of 2020, compared to the previous quarter[i]. Obviously, the value of Bitcoin was going up. The cryptocurrency had climbed 42 percent in Q2, reporting its fourth-best quarterly close in the last six years[ii]. Cyber security experts had written off cryptojacking two years ago, after it had peaked in December 2017. They said cryptojacking would not return, claiming that the declining value of cryptocurrencies such as Bitcoin and the closure of Coinhive had made cryptojacking a waste of time. Obviously, they were wrong. But our interest is not in knowing why cryptojacking has made a comeback. It is in understanding why the idea of cryptojacking is important now.
For those who came in late to the world of digital and crypto currencies, let me roll back a bit. For a pro, this will sound like Crypto 101, but bear with me for a moment.
Computer programs are used to mine digital currencies such as Bitcoin. “Miners” are paid with crypto currency for completing certain tasks. Think of these tasks as “puzzles” such as verifying transactions and adding them to the blockchain.
Someone in the mining network solves a `puzzle’ every 10 minutes and is rewarded with Bitcoins. When one puzzle is solved, miners move to the next puzzle. The next puzzle is invariably more complex than the preceding one. Billions of sums have to be completed to solve a puzzle. Each sum is called a hash. A billion hashes make a gigahash. In 2020, miners were collectively running 120 exahashes per second[iii]. One exahash is one quintillion hashes per second or one followed by 18 zeros. You guessed it: This takes massive computing power.
Now we are better equipped to appreciate the idea and impact of cryptojacking.
Mining crypto currencies is not illegal — that is, until you hijack compute resources that don’t belong to you to do the mining. It should be evident by now that a single desktop computer, or even a dozen, cannot be used for the task. Therefore, miners hijack industrial-strength resources to run their mining programs. An example of this is Ghost, a blogging platform, which reported crypto-mining malware on its Salt-based server infrastructure in May 2020[iv]. Recently, a dozen super computers in Europe had to be shut down after cryptojacking incidents came to light[v]. Normally, cryptojackers target thousands of PCs. One gang infected 400,000 public PCs[vi], another took over 500,000 PCs[vii]. These people are not stealing money, passwords or business data. They are stealing CPU power.
Their hunger for CPU power makes cloud infrastructure the ideal target. These miners then acquire the dubious distinction of being called cloudjackers as well.
One study in 2018 found that 25 percent of organizations had experienced cryptojacking activity on their cloud environments[viii].
This form of a breach in IT infrastructure has serious consequences. If the cloud resource of an enterprise is hijacked by a crypto miner and the cloud billing is paid based on CPU usage, the bill is going to mysteriously increase. It can also result in a slowdown of systems, it can make them unstable, reduce productivity, etc., while the miner makes merry.
Here is an easy-to-understand consequence of cloudjacking by crypto miners: In 2020, the Bitcoin network consumed a reported 120 gigawatts of power to execute the 120 exahashes every second. I am not an electrical engineer, so the calculations are beyond me, but apparently that amounts to the total power consumption of the Czech Republic[ix]. Obviously, someone is paying for the power and it isn’t the miner. Suffice to say that cryptojacking is expensive for the unwitting enterprise that is hosting the invisible parasites.
The problem of cloudjacking is going to grow several fold in the coming months. Cryptojackers will be waiting as scores of enterprises, hit by COVID-19, rapidly turn to cloud to improve their infrastructure capacity, their business resilience, availability and business continuity planning. The numbers say it all: Cloud spending rose by 37 percent in the first quarter of 2020 over the same time last year[x]. At the moment, this is conjecture, but it would be safe to assume that growing cloud adoption will open more doors for cryptojackers. Businesses must take note of this development and stay alert.
There are several other emerging threats that cybersecurity experts will be called upon to tackle in the months to come. These are not your traditional phishing, ransomware, DNS tunneling type threats.
These are threats emerging from the convergence of IT (Information Technology) and OT (Operational Technology), attackers using Artificial Intelligence (AI) to mess up your data (data poisoning), the growth in IoT and edge devices that increases the threat landscape, and fresh challenges emerging as 5G is rolled out.
In fact, 5G will change the nature of networks more than anything has done in the last two decades. It will most certainly kill Ethernet (and all those routers etc. with it). Beyond 5G we must prepare for the mother of all disruptions that is going to happen at the hands of quantum computing. Hackers will use quantum computing to render encryption pointless. By using what is called Shor’s algorithm, quantum computers will make RSA encryption history[xi].
I am reminded of the Peter Parker principle (fans of Spider-Man already know this by heart): “With great power comes great responsibility”. As enterprises add to the firepower of their business capabilities by leveraging advanced technologies, they will also have to bear the responsibility of improving their cybersecurity game.
Founder, Chairman and Managing Director, Microland Ltd