Cryptojacking: The Dark Side of Blockchain

Cryptojacking: The Dark Side of Blockchain

This piece was originally published in the April 2018 issue of electroindustry.

Zack Hornberger, Director of Cybersecurity & Imaging Informatics, Medical Imaging & Technology Alliance (MITA)

Cryptocurrencies like bitcoin and the underlying blockchain technologies that power them are enjoying the current digital limelight.

Some experts suggest that blockchain will be a significant enabler of energy innovation, leading many manufacturers, large and small, to explore how the use of blockchain and cryptocurrencies could revolutionize their supply chain management. Unfortunately, there is a dark side to this explosive growth. Cybercriminals have taken to exploiting the eye-watering valuations of many cryptocurrencies through a process called cryptojacking.

Cryptojacking is the subversive use of devices connected to the Internet of Things (IoT) to generate cryptocurrencies through cryptomining. Generating cryptocurrencies can take enormous amounts of power, and many cybercriminals have started to utilize connected devices to do that work for them for free.

Well-publicized incidents of cryptojacking focus mainly on JavaScript and web browsers, but it is equally possible for attackers to hijack any number of connected devices directly with botnets, a network of interconnected devices infected with malicious software and controlled as a group without the owners’ knowledge. Just recently, a security company discovered cryptojacking malware in the operational devices of a water utility in Europe.

Manufacturers across every industry, and especially those that work in electrical manufacturing, must be aware of this risk and its three key threats:

  1. Cryptojacking takes computing power. And it takes a lot of it. That translates into increased power consumption and reduced system performance for any affected device. On the manufacturing floor, that can translate both to increased operating costs and reduced equipment efficiency.
  2. A manufactured product that is infected by cryptojacking malware can have those same effects on the customer environment. That can mean increased support costs and unhappy customers. When those environments are critical infrastructure like electrical grids and hospitals, it can lead to catastrophe.
  3. Mining processes open up another attack channel for other criminals to exploit. This creates vulnerabilities where devices might otherwise be hardened.

Manufacturers must be aware of these problems as they plan for the future. It will become ever more important to monitor systems for irregular power consumption and rogue processes. Continuing to harden their products and software and making customers aware of what normal operations look like will help to prevent botnets. Finally, it must be understood that passive cyberattacks, like cryptomining, can pose just as great a threat as active attacks like ransomware, and this should factor in to risk assessments as a key element.

Botnets are nothing new. Mirai and Reaper, two high-profile examples, made industries and government aware of their dangers. A preliminary report by the National Security Telecommunications Advisory Committee (NSTAC) to the president on internet and communications resilience released in January highlights the pressing need for action.[1]

It would be a mistake to view botnets solely in terms of distributed attack networks. As the cryptocurrency economy evolves, many hackers will be looking to remain under the radar indefinitely, happy to line their own pockets siphoning power and resources that someone else is paying for.

[1] https://www.ntia.doc.gov/files/ntia/publications/eo_13800_botnet_report_for_public_comment.pdf


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.