Follow sound security practices to avoid falling prey to crypto jacking

Avoid downloading free content, keep your software updated, and seek a cyber security expert's advice if your computer slows down excessively

Incidents of cryptojacking are rising. Many Indian websites, including those belonging to state governments, municipal corporations, and even those of Union ministers have been hijacked in recent times. In April this year, more than 2,000 computers belonging to the Aditya Birla Group were the targeted of such an attack. According to a study by Kaspersky Lab, the number of incidents of cryptojacking worldwide in 2016-17 stood at 1.9 million. It rose to 2.7 million in 2017-18, an increase of a little more than 42 per cent.

In a cryptojacking attack, hackers gain unauthorised access to your computer. They then use your machine’s computing power to mine cryptocurrencies. “Earlier, most such infections happened through emails. But nowadays more of these attacks happen when you visit a suspect web site,” says Mukul Shrivastava, partner, forensics and integrity services, EY India. 

To produce cryptocurrencies, an activity called mining has to be carried out. This is the mathematical processing required to generate a new token of a cryptocurrency. This activity requires a lot of processing power. The more popular a cryptocurrency, the greater the processing power required. Many people set up small data centres to do this, while others steal the processing power from a hundred other computers.

When a victim opens an infected website, the script starts running in the background and uses up his computer’s processing power. Sometimes the malware also gets installed on your computer. Whenever the computer is on, part of its processing power gets utilised. How much your computer slows depends on the way the malware is configured. Some hackers may use only 20-30 per cent of a computer's processing power so that the victim may not even notice it. Others may hijack 80-90 per cent.

Recently, a new kind of malware called PowerGhost has been found. It is a file-less malware. No file has to be downloaded and deployed on a computer. Instead, the malware gets executed in the computer's memory, allowing hackers remote access to the machine.  A few precautions can reduce the probability of your computer falling prey to cryptojacking. Keep all your software updated. Always have an antivirus installed on your system. This too should be updated regularly. Businesses need to conduct training for their employees so that they follow security-related best practices. "In addition to a traditional antivirus, you should also install advanced security systems, which carry out application control, behaviour monitoring, and prevent exploitation," says Siddharth Mutreja, enterprise solution architect, Kaspersky Lab.

As far as possible, visit only reputed websites. “It is also advisable to avoid downloading free movies, songs, and pictures on your computer, as this often leads to malware infection. You should also avoid using pirated software. If someone has cracked its code, then they might have added a malware as well, exposing your computer to an infection,” says Shrivastava. If you do not know the source that has sent you an email, avoid clicking on it. Educating children and elders in best security practices is especially important. Shrivastava suggests that if your computer has slowed a lot, just running an antivirus may not suffice. In that case, you should get it scanned by a reputed forensic or cyber security expert. He adds you should opt only for forensic or cyber security experts who come to you with a reference and are reliable.