The New Kind of Cyberattack

March 8, 2018
Updated 4mo ago

“If 2017 was the year of ransomware, 2018 is going to be the year of crypto-jacking,” said Bill Karpovich, Vice President of strategy at software security company Sonatype.

Crypto-jacking is “just the latest way that...exploiters take advantage of weaknesses in our applications and IT environments,” explained Karpovich. Hackers break into other peoples’ systems and install software to mine cryptocurrency using their computing power.

“You can do that in a very untraceable way,” said Karpovich. “This is really the perfect cybercrime in many ways.”

Reports of crypto-jacking have increased in the last few months and will continue to grow, predicts Karpovich.

Tesla suffered a high profile attack like this last month, after crypto-jackers infiltrated its cloud infrastructure. Not only did the incident leave the electric automaker exposed to more security threats, but it came at a financial cost to the company.

“Tesla was paying the bill to Amazon for that network and for the computing that was needed to generate that money,” said Karpovich.

The easiest way to avoid falling prey to crypto-jackers is by updating your security software, Karpovich said.

“The security market is figuring out this is the latest threat,” prompting them to scramble to find patches, he explained.

Not all crypto-jacking is malicious, though. The news website Salon is using the technique to help compensate for a lack of ads. The website asks readers to choose between allowing their computing power to be used to mine cryptocurrency or being bombarded with ads.

“Some of what is being bundled into crypto-jacking is really a new creative way to use digital currencies to create more value for consumers,” said Karpovich.

for the full interview, click here.