A new form of hacking called “cryptojacking” is on a rampage through the online world.
Cryptojacking events rose 34,000 percent in 2017, and Symantec blocked 8 million events in December alone of the same year.
Cryptojacking involves hijacking another person’s computer to mine cryptocurrency. Once cryptomining takes hold of a computer, the mining usually goes unnoticed by the victim. As a result, cryptojacking can serve as an easy moneymaking ploy for cybercriminals.
Because cybersecurity is a top priority for non-profits that must adhere to strict regulations such as HIPAA, cryptojacking should be a concern.
Two Methods of Cryptojacking
Cryptojackers utilize two main methods; it is typically performed through either of the following:
1. Cryptomining code on computers
Using phishing tactics, hackers can load cryptomining code onto a computer once a victim mistakenly grants unauthorized access.
2. Injecting a script on a website or ad
Victims that visit a certain website or receive pop-ups may unknowingly open a portal for cryptojacking scripts. The mathematical scripts allow the hacker to control a victim’s computer through the hacker’s server.
A few symptoms of cryptojacking include an overloaded processor, slow response times, and/or overheating of the computer or device.
Cryptojacking prevention can be achieved through a variety of measures. The following are some effective methods:
• Security awareness training
Informing employees on cryptojackers, other hacking methods, and good cybersecurity habits can safeguard an organization from potential threats.
• Ad-blocking or anti-cryptomining
Installing ad-blocking or anti-cryptomining software can block ads that could contain cryptojacking scripts.
• Web filtering
Web pages that are known or suspected to have cryptojacking scripts can be blocked using web filtering tools.
• Browser extension maintenance
Hackers also use browser extensions for uploading scripts. Therefore, keep track of browser extensions to help prevent cryptojacking.
Non-profit organizations should remain aware of cryptojacking, which is probably the least suspect type of hacking. Amplified awareness coupled with strong security greatly lessens the risk of attacks and exposure of an organization’s sensitive data.