Cryptojacking Continues to be a Big Problem for Data Centers
Bitcoin and other cryptocurrencies have had a rough year in terms of growth, but they remain wildly popular with many people. Among them are online hackers, who have found cryptojacking to be an excellent source of revenue. Cryptojacking is the term used when an online hacker finds a vulnerability in the security of a data center (that mines cryptocurrencies) and installs specific malware. Unlike most types of malware, which steal information, this kind uses servers throughout the data center to mine various cryptocurrencies. Since it doesn’t cause any direct harm, it is very difficult to detect and can go on for months, or even years, without anyone noticing.
Advanced software will even take measures to ensure that it is only using up ‘spare’ CPU or GPU processing power so that it doesn’t cause any errors or other issues with the processing that companies need done. In many cases, the malware doesn’t even push the CPUs or GPUs to 100% utilization, which would undoubtedly set off alerts in monitoring tools.
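One way to catch the throttled mining described above, as an added example that is not part of the original article: compare each host's sustained CPU floor against a known-clean baseline instead of relying only on a fixed high-utilization alert. The host names, sample series, alert threshold and margin are all constructed assumptions.

```python
"""Flag hosts whose idle CPU floor has risen while peaks stay under the alert level."""
from statistics import median

ALERT_THRESHOLD = 95.0  # assumed static alert level (percent CPU)

def rolling_floor(samples, window):
    """Minimum utilization inside each run of `window` consecutive samples."""
    return [min(samples[i:i + window]) for i in range(len(samples) - window + 1)]

def assess_host(baseline, current, window=6, rise=20.0):
    """Compare the typical floor of `current` with a known-clean `baseline`.

    Bursty legitimate work drops back to idle, so its rolling minimum stays
    low. A miner using 'spare' capacity lifts that minimum even though the
    peaks never reach the static threshold.
    """
    if len(baseline) < window or len(current) < window:
        raise ValueError("need at least `window` samples in each series")
    base_floor = median(rolling_floor(baseline, window))
    cur_floor = median(rolling_floor(current, window))
    return {
        "baseline_floor": base_floor,
        "current_floor": cur_floor,
        "threshold_alert": max(current) >= ALERT_THRESHOLD,
        "suspicious": cur_floor - base_floor >= rise,
    }

# Constructed 5-minute CPU samples (percent); not real telemetry.
CLEAN_BASELINE = [4, 6, 35, 70, 12, 5, 3, 8, 55, 20, 6, 4, 5, 40, 9, 4]
HOSTS = {
    # Bursty web load that idles between requests.
    "web-01": [5, 7, 60, 30, 6, 4, 5, 9, 45, 10, 5, 3, 6, 50, 8, 5],
    # Same kind of load, but the floor sits near 60% and never reaches 95%.
    "web-02": [62, 64, 88, 75, 63, 61, 62, 66, 90, 70, 63, 62, 61, 85, 64, 62],
    # Legitimate batch spikes that trip the static alert, then return to idle.
    "batch-03": [5, 6, 97, 99, 98, 20, 4, 5, 6, 96, 30, 5, 4, 6, 5, 4],
}

def scan(hosts=HOSTS, baseline=CLEAN_BASELINE):
    """Assess every host against the shared clean baseline."""
    return {name: assess_host(baseline, series) for name, series in hosts.items()}

if __name__ == "__main__":
    for name, result in scan().items():
        print(name, result)
```

A raised floor is a reason to inspect the host's process list, not proof of mining; a legitimately busy service will also lift it, so the baseline should come from the same host or role.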
Targeting All Types of Data Centers
Hackers are happy to target any type of data center because once they get in, they can make significant amounts of money for long periods of time. Notably, the electric car maker Tesla had its cloud data center servers infected. Tesla had a misconfiguration in its Amazon Web Services environment, which gave the hackers an opening to install malware. It has not been disclosed how long the mining continued before it was discovered.
The popular web development application Jenkins also had its servers infected. In this attack, hackers were able to mine more than $3 million worth of Monero, a popular ‘alt-coin’ cryptocurrency. While both Tesla and Jenkins systems have since been cleared of any malware, the infections were only discovered because of scans done by third-party security firms.
Online criminals are finding ways to put crypto miners on just about any type of device that can run a process. This includes smartphones, tablets, browsers, IoT devices, and of course, powerful computers in large facilities.
What’s the Harm?
What makes this issue bigger is that people don’t seem overly concerned about this type of attack. Many people think that because these attacks aren’t stealing data or causing other direct damage, they aren’t as big a threat as many other types of cyber-attacks.
For the data center owner, one of the biggest issues is that the miners use up a lot of processing power, which translates into thousands of dollars of increased electrical usage. Unfortunately, not all facilities monitor their electrical usage closely, so this additional expense is simply paid by the accounting department and no red flags are raised.
The scope of the issue is quite large and growing rapidly. Cloud security firm RedLock estimates that as many as 25% of organizations have cryptojacking activity present in their environments. Needless to say, this is a massive problem for both data center owners and any companies that use cloud computing services. Taking active steps to identify this type of threat and eliminate it is essential for operating a facility efficiently.