How CISOs can Mitigate Cryptomining Malware
Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat.
As cryptocurrencies continue to grow in popularity, organizations are increasingly at risk of cryptomining attacks. In fact, cybercriminals were observed using Apache Log4j (Log4Shell), the holiday gift no one asked for, mostly for cryptomining and ransomware. Trend Micro Research investigated the most prominent groups in the cryptocurrency-mining landscape to determine the impacts on organizations and establish best practices for effective risk mitigation.
What is cloud-based cryptomining?
In malicious cloud-based cryptomining, also called cryptocurrency-mining malware, cybercriminals enter cloud deployments by exploiting unpatched vulnerabilities, weak credentials, or misconfigurations, then use the organization’s compute power to generate cryptocurrency.
Business repercussions of cryptomining
1. Resource consumption and cost
Perhaps the most obvious impact: cybercriminals mooching off compute power leads to significant spikes in cloud computing costs. This is especially worrisome if the cloud environment is set to auto-scale; the extra load can look like legitimate projects scaling up and costing more, which makes cryptomining difficult to detect until the bill comes in. For example, when Trend Micro Research deployed the Monero miner, XMRig, on one of its systems, they saw a drastic 600% increase in CPU costs