Security

Cryptojacking Targets Education

• By Dian Schaffhauser
• 02/26/19

Education is among one of the top verticals affected by a newer form of nefarious cybercrime. Malicious cryptomining or cryptojacking, as it's called, describes the theft of computer processing resources — electricity, cloud services and other digital assets — that are then exploited to do cryptocurrency mining without the owner's permission or knowledge, according to a recent report by Cisco.

According to the company, unauthorized cryptomining activity grew 19 times, increasing from 600,000 queries in March to 11.3 million by December. The impact is felt by its victim companies through degraded performance, systems attacks and higher electricity usage, as well as possible compliance problems, particularly in the area of security exchange regulations.

While the largest target was made up of energy and utility companies, in the Cisco study, colleges experienced 22 percent of all cryptomining attempts, while K-12 made up 4 percent of the total. Cisco, which sells Umbrella, an enterprise cloud security service intended to stop users from connecting to malicious sites, said those organizations with fewer than 10,000 employees were the primary focus, making up eight in 10 of the targets hit by cryptomining traffic.

Next week, two people from Cisco, Ayse Kaya Firat, the head of analytics and customer insights, and Austin McBride, a threat analytics researcher, will be presenting a session on the topic during the RSA security conference.