Zero Trust Stops Cryptojackers from Getting Rich on Your Dime
Last month, a Nebraska man pleaded guilty to turning someone else’s cloud computing resources into his personal ATM.
He racked up $3.5 million in costs to mine nearly $970,000 in cryptocurrency. It’s not a great return on investment – but he wasn’t the one footing the bill.
By spinning up tens of thousands of instances, he freely churned out currency including Ether, Litecoin, and Monero until the scheme caught up with him. Now, he’s facing up to 20 years behind bars.
Cryptojacking is booming, and it’s not even about stealing data or holding systems hostage. Crypto criminals are after one thing: free access to your compute resources to fuel their own profits. But Zero Trust can help.
What is cryptojacking?
Cryptojacking is the secret deployment of cryptomining software on someone else’s systems without the owner ever knowing. Why? Mining cryptocurrencies like Bitcoin demands massive compute power, and that doesn’t come cheap. But what if the attacker doesn’t have to pay?
Here’s the scheme: Criminals hijack your compute resources, rack up the energy and processing costs, and mine digital currency for free on your dime. It’s the ultimate freeloading operation, leaving you with the bill while they pocket potentially millions of dollars.
Back around 2009, when cryptomining first emerged, anyone with an average PC could mine cryptocurrency. But as more people jumped into the game, the competition — and the need for serious computing power — exploded.
Today, mining cryptocurrencies like Bitcoin requires solving complex mathematical puzzles and validating transactions. This demands massive computational resources far beyond what a personal PC can handle.
This kind of compute horsepower doesn’t just consume energy. It racks up significant costs for electricity, cooling, and cloud usage, which is billed on a pay-as-you-go basis. The more resources you use, the more you pay.
And it happens all the time, especially at universities. Their sprawling networks and abundant compute power, paired with cash-strapped, tech-minded students, make them prime targets for these cryptomining efforts.
For universities and organizations alike, managing these costs is critical. Without proper controls, they could be footing the bill for someone else’s mining operation.
Cryptojacking: The silent resource thief hiding in plain sight
Cryptojacking operations are designed to fly under the radar, activating during low-usage periods like overnight and pausing during peak hours to avoid detection.
The result is a hefty surprise when the bill arrives. Only after digging into the spike in charges is the culprit revealed: compute use skyrockets every night, a glaring red flag for illicit activity.
Unlike traditional malware, cryptojacking software is built to keep systems running smoothly, avoiding detection by cybersecurity tools that focus on destructive threats. It’s only after the mining is done that systems might experience damage. This stealthy approach makes cryptojacking a challenge for standard cybersecurity measures.
Here’s how the typical cryptojacking workflow plays out:
Zero Trust keeps cryptojackers out
Stopping cryptojackers comes down to two main strategies: detecting the mining software with traditional malware tools or proactively blocking suspicious activity with a Zero Trust infrastructure.
Malware detection is a game of catch-up. Cryptomining software is built to look legitimate. This allows it to spread quickly and quietly across workloads. And by the time it’s flagged by traditional detection tools, it’s too late.
Zero Trust offers a smarter, scalable approach.
Workloads rarely need to talk to each other directly, so the first move in a Zero Trust architecture is to shut down all ports laterally between workloads. This drastically limits how far cybercriminals can move malicious payloads from one compromised workload to another.
A Zero Trust infrastructure only keeps ports open where absolutely necessary. It continuously monitors these open ports across their lifecycle, flagging anything that doesn’t match the expected pattern. Malicious payloads like cryptomining software are usually larger than a few hundred bytes. This makes these kinds of unusual data transfers stick out like a sore thumb.
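The default-deny and monitoring logic described above, as an added example that is not from the original article or any product: lateral flows with no matching rule are denied, and flows on an open port are flagged when they exceed the size expected for that port. The workload labels, ports and byte thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    src: str        # source workload label
    dst: str        # destination workload label
    port: int       # destination port kept open by policy
    max_bytes: int  # largest transfer expected on this flow (assumed baseline)

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    port: int
    bytes_sent: int

# Constructed policy: only these lateral flows are open; everything else is closed.
POLICY = [
    Rule("web", "app", 8443, 64_000),
    Rule("app", "db", 5432, 256_000),
]

def evaluate(flow, policy=POLICY):
    """Return 'deny', 'alert' or 'allow' for one workload-to-workload flow."""
    for rule in policy:
        if (rule.src, rule.dst, rule.port) == (flow.src, flow.dst, flow.port):
            # The port is open by policy; still compare against the expected pattern.
            return "alert" if flow.bytes_sent > rule.max_bytes else "allow"
    return "deny"  # default-deny: no rule means the port stays closed

def triage(flows, policy=POLICY):
    """Group flows by verdict so denied and anomalous ones can be reviewed."""
    result = {"allow": [], "alert": [], "deny": []}
    for flow in flows:
        result[evaluate(flow, policy)].append(flow)
    return result

# Constructed sample flow records (labels, ports and sizes are illustrative).
SAMPLE = [
    Flow("web", "app", 8443, 2_100),      # normal request
    Flow("app", "db", 5432, 48_000),      # normal query traffic
    Flow("app", "app", 22, 900),          # peer-to-peer SSH, no rule
    Flow("web", "db", 5432, 1_200),       # skips the app tier, no rule
    Flow("web", "app", 8443, 4_800_000),  # open port, multi-megabyte transfer
]

if __name__ == "__main__":
    for verdict, flows in triage(SAMPLE).items():
        print(verdict, [(f.src, f.dst, f.port, f.bytes_sent) for f in flows])
```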
Zero Trust keeps cryptojacking costs in check without the headaches of a complex threat detection system. It’s a smart, scalable way to protect resources — and avoid playing detective with the unpredictable intentions of a tech-savvy cryptominer.