You can teach your clients how to spot a phishing email and hope that they take heed.
You can warn them about the dangers of reusing passwords and basic cyber safety.
But how do you educate and create awareness about something that is so slow-moving and “creepy” that most people don’t even realize it’s there until it is too late?
We’re talking about cryptojacking and it works in a way that is slow, hits victims from a variety of angles, and is on the rise.
What is it?
Cryptojacking is the secret use of a device to acquire and mine cryptocurrency. While it can be done through the installation of software – usually unknowingly – current methods use JavaScript on a web page to mine by just running each time the page loads. This is known as in-browser crypotjacking. Nothing to install. Nothing to confirm or opt-in to. Devices can be pulled together to create a powerful resource to mine cryptocurrency. This can be run for a long time in the background without anyone ever realizing it has been happening since the visible impact is minimal.
What does it mean to businesses?
While the initial impact is not as blatant or obvious as a typical data breach, the long-term results can be slow devices, overall computer performance, and increased risk of future compromises to the system. What these hackers are doing is not crippling the system, they are merely stealing resources from a business to do illegal activities.
Can it be stopped?
Nothing is foolproof but having a system that is updated in its technology, which includes hardware and software versions and all patches, is a good start. And as always, an informed workforce is the first defense against incorrectly installing anything that isn’t legitimate or opening the door for hackers.
Start with education, continue with monitoring and updates, and have regular check-ins with your clients to ensure that they are aware of the ever-changing landscape of risk to their business.
