The post Invisible resource thieves: The increasing threat of cryptocurrency miners appeared first on Stories.
Cryptomining, using tools to hijack a user’s CPU to mine cryptocurrency; ransomware and mobile malware continued to plague enterprises in 2017, according to a top malware report issued by Check Point Software Technologies Ltd.
The report, which investigated the top security issues facing enterprises in the last half of the year, said 20% of organizations were infected by cryptomining malware that in some cases can diminish CPU processing by more than half.
Check Point, based in San Carlos, Calif., also said in its top malware report that attack vectors shifted during the last half of the year, with infections based on the Simple Mail Transfer Protocol eclipsing those on HTTP. The increase — from 55% during the first half of 2017 to 62% after July — reflected the number of skilled hackers targeting vulnerabilities in documents, particularly Microsoft Office.
Mobile attacks, meantime, became more nefarious. The Check Point top malware study found that enterprises are now becoming vulnerable to threats either launched by mobile devices or through mobile malware such as Switcher.
“The second half of 2017 has seen cryptominers take the world by storm to become a favorite monetizing attack vector,” said Maya Horowitz, Check Point’s threat intelligence group manager, in a statement. “While this is not an entirely new malware type, the increasing popularity and value of cryptocurrency has led to a significant increase in the distribution of crypto-mining malware. It’s clear that there is still a lot that organizations need to do to fully protect themselves against attacks.”
Check Point based its second-half top malware report on its ThreatCloud intelligence service, which holds more than 250 million addresses analyzed for bot discovery and 11 million malware signatures.
Broadcom releases SDK for ASICs
Broadcom Ltd. issued an open source software development kit, or SDK, to enable developers to customize their use of Tomahawk switch silicon in their operations.
The first version of the kit, dubbed SDKLT, is based on the BCM56960 Tomahawk switch, used within top-of-rack switches and fabric designs. The open source code is downloadable from GitHub, with the associated logical table APIs available through an Apache 2.0 license, Broadcom said.
The SDKLT uses a logical table approach to simplify how developers add features to the switch silicon. All device physical resources, such as media access control address tables, Layer 3 route tables and other functions, are presented within logical tables instead of proprietary function calls, Broadcom said.
“The SDKLT brings a fresh, state-of-the-art software development approach to the broader community of network software developers where they can now fully and directly control and monitor the rich switch feature set optimized for SDN and cloud use cases,” said Ram Velaga, Broadcom’s senior vice president and general manager of switching products, in a statement.
Broadcom’s move follows a similar initiative by Barefoot Networks, which in 2016 released Tofino, a family of switches that can be customized through P4, an open source consortium with more than 60 members.
F5 launches training for app development
F5 Networks has introduced a new training program aimed at speeding up the time it now takes for enterprises to ramp up new applications and services.
The initiative, called Super-NetOps, is focused on enabling engineers and developers to deliver applications through a service model rather than a traditional, ticket-driven approach, Seattle-based F5 said.
By standardizing critical application services and basing how they’re developed through automated toolchains, F5 said applications can go live within minutes.
“Super-NetOps will help network operations professionals build on their decades of experience deploying, managing, maintaining, and securing applications and equip them to deliver the automation and agility needed by DevOps teams,” said Kara Sprague, F5’s senior vice president and general manager, in a statement.
The online course, which is free, will debut with two modules covering DevOps methodologies and the concepts of automation, orchestration and infrastructure as code. Future modules will include training about agile methodologies, application language frameworks and how to deploy third-party automation toolchains.
Ask a random person about blockchain, and you’ll probably get an answer involving bitcoin and cryptocurrency – assuming that he or she is even familiar with the term. But blockchain has a lot more to offer and is significant across all sectors and industries – from banking to government to healthcare and beyond. The potential of blockchain is as unlimited as the when the Internet began. The technology has been considerably underexposed so far, and if our society wants to benefit from its possibilities to the fullest – this is something we have to change in 2018.
What is blockchain?
For those who aren’t yet up to speed on the technology, a blockchain is a safe, digital and tamper-proof ledger, in which transactions are verified by a widespread network of computers. The technology makes it possible to extend information outside the company walls, using its shared processes with suppliers, clients and partners.
Blockchain makes it possible to set up an open, transparent and verifiable system, offers a safe way to digitally trace assets and has the potential to completely redesign company processes. Explaining the full details would require us to exceed an acceptable word count for this article, but in a nutshell the blockchain offers a solution for transactions that are based on mutual trust.
So what does blockchain mean in practice? In 2017, the world saw various interesting blockchain business cases, including:
- Increased booking accuracy for Webjet – in collaboration with Microsoft, the Australian organization developed a blockchain based solution for its booking and payment system. Thanks to the solution, Webjet’s system is now safer and less error-prone.
- Bank Hapoalim gives bank guarantees online – up until recently, customers had to physically visit a bank office to apply for a bank guarantee. Thanks to blockchain technology, the bank can handle the entire process safely online, from application to the issuing itself.
- More efficient transport insurance process for Maersk – the transport organization developed a blockchain based solution together with Microsoft, that enables it to handle claims more efficiently, to collaborate more effectively and to gain insights in real-time locations of goods at sea.
- Identifications for everyone with ID2020 – Microsoft is collaborating with Accenture on ID2020, a project to give the 1 billion people worldwide that don’t have an ID document a way to identify themselves through blockchain.
What to expect in 2018
Based on what we saw last year, 2018 is promising to be an exciting year. But in order to be able to profit from blockchain on a large scale, it is important for companies to start investing in knowledge about the blockchain’s possibilities. For which business problems will blockchain be able to provide a solution? And for which problems will it not?
Many companies still lack this kind of knowledge about blockchain. Looking at the blockchain maturity model, it quickly becomes clear from the way companies are using the technology that it is still in the early stages.
80 percent of the organizations are at the first level, meaning that they don’t have any blockchain experience and that they haven’t defined processes or scenarios. About 15 percent has taken it a level further. These companies have defined the potential scenarios and have some experience with blockchain. That means only 5 percent of the organizations have reached the last two levels, where they actually deploy the blockchain.
How can blockchain help your organization?
Of course the blockchain is not a silver bullet that offers a solutions for all business issues. To find out if blockchain can help their business, organizations should ask themselves the following questions:
- Do multiple parties share data? Would a complete and reliable shared system of record benefit each of the participants in a business relationship?
- Do multiple parties update data? Would there be a greater data accuracy and timeliness if multiple participants could record and propagate concurrent transactions?
- Is there requirement for verification? Would tamper-proof logging increase transaction throughput and reliability among semi-trusted business partners?
- Can intermediaries be removed? Would the removal of intermediaries reduce cost and complexity?
The more questions a company can confirm, the more likely it is that blockchain will result in business advantages – and that learning more about the technology will be worth the investment.
Gaining a competitive advantage
Although a lack of knowledge might limit the potential on a societal scale, it does offer business opportunities – specifically for companies that are willing to learn more about the technology in 2018. By investing in more blockchain knowledge now, for example by mapping how the technology can help to further the organization, it is possible to gain a competitive advantage. Now there’s a perfect goal for 2018
Want to get started with blockchain?
Microsoft Azure offers a platform to develop, test and deploy various blockchain solutions and to quickly set up a test environment. Blockchain on Azure is compatible with any kind of blockchain, easily connected to different data analysis and AI tools and fully scalable. Create a free account today to get started right now.
Hacks on cryptocurrency exchanges seem to be on the rise.
Youbit, a cryptocurrency exchange in South Korea, filed for bankruptcy after losing 17% of its assets in the second cyberattack it has suffered in the last year. In April 2017, Youbit lost nearly 4,000 bitcoins in the first attack — worth about $5 million at the time of the theft but now valued at tens of millions of dollars.
Youbit has said that its customers’ cryptocurrency assets will be marked down to 75% of the full value and has stopped all trading in an attempt to minimize any further losses to the company and its customers.
Korea Internet & Security Agency (KISA), the South Korean government agency responsible for internet security, linked the April cyberattack to North Korea, though there’s no word yet on who may be behind the most recent attack. Attacks on other cryptocurrency exchanges Bithumb and Coinis this year have also been blamed on North Korea.
Youbit is one of the smaller cryptocurrency exchanges in South Korea, while Bithumb has about 70% of the bitcoin trading market share in the country.
A different cryptocurrency exchange, EtherDelta, took to Twitter to alert its customers to a cyberattack on its systems.
1/2 *IMPORTANT* we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta DNS server. We are investigating this issue right now – in the meantime please *DONOT* use the current site.
— EtherDelta (@etherdelta)
December 20, 2017
⚠️ 2/2 *BE AWARE* The imposer’s app has no CHAT button on the navigation bar nor the offical Twitter Feed on the bottom right. It is also populated with a fake order book.
— EtherDelta (@etherdelta)
December 20, 2017
EtherDelta shut down its site and services when it learned of the cyberattack. In its tweets, the exchange warned that its DNS server was compromised by malicious actors. Since the initial tweets, EtherDelta followed up Thursday morning saying it is “in the last step to bring the service back.”
EtherDelta is ranked as the 85th largest cryptocurrency exchange, according to CoinMarketCap. It is known for offering a selection of alternate cryptocurrencies before they become widely available and is only a cryptocurrency-to-cryptocurrency trading platform; customers cannot convert cryptocurrency holdings to fiat currencies through EtherDelta.
DNS hijacking attacks on cryptocurrency exchanges aren’t unusual either, as the websites of Classic Ether Wallet and Etherparty initial coin offering also both suffered similar attacks this year.
Hackers were also recently able to steal nearly 4,700 bitcoin, worth almost $80 million at the time of the theft, from Slovenian bitcoin exchange NiceHash.
In other news:
- The facial recognition authentication technology in Windows 10, called Hello, can be bypassed with a simple photograph, according to security researchers. Matthias Deeg and Philipp Buchegger of the penetration testing company SySS GmbH, based in Tubingen, Germany, posted a warning about the issue with the Hello program earlier this week. “Due to an insecure implementation of the biometric face recognition in some Windows 10 versions, it is possible to bypass the Windows Hello face authentication via a simple spoofing attack using a modified printed photo of an authorized person,” the researchers explained. They listed seven different builds of four different versions of Windows 10 Pro that are affected by the vulnerability. The researchers also noted that enabling “enhanced anti-spoofing” on the system makes the spoofing attack less reliable, but it doesn’t actually stop the attack.
- Facebook introduced a new anti-phishing security feature this week that enables users to check if the emails they receive from the company are legitimate. Facebook notifies its users when there is a suspicious login attempt or authentication activity on their account by sending them an email. Malicious actors often try to spoof those emails and trick Facebook users into clicking on a malicious link or going to a phishing site. Now, when users receive an email, they can log in to their Facebook account, check their security settings, and see any recent emails Facebook has sent them. If an email is listed as sent, they know what’s in their email inbox is legitimate. If no email is listed, users know that what they received is malicious. This new feature is the latest attempt by Facebook to prove that it takes user security seriously. The company came under fire when it was discovered that malicious actors tied to Russia placed thousands of ads on Facebook in an attempt to influence the 2016 U.S. presidential election. Mark Zuckerberg followed up by saying, “We’re serious about preventing abuse on our platforms. We’re investing so much in security that it will impact our profitability. Protecting our community is more important than maximizing our profits.”
- Five hackers were arrested in Romania this week due to ties with international ransomware attacks. Romanian law enforcement worked with authorities from the Netherlands, the United Kingdom and the U.S., as well as Europol and security company McAfee to bring in the suspects who allegedly spread ransomware through Europe and the U.S. They seized hard drives, laptops, external storage devices, cryptocurrency mining tools and documents from the suspects’ houses in connection with strains of ransomware known as CTB-Locker or Critroini and Cerber. The suspects are not thought to be the authors of the ransomware, but distributors of it. CTB-Locker ransomware is known to be difficult to detect and often spreads through phishing messages. It was one of the first ransomware families that used the Tor network to hide its command-and-control infrastructure.