Cryptocurrencies witnessed a major setback earlier this year when the Reserve Bank of India delegitimised all transactions with banks. The country's biggest Cryptocurrency trading platform Zebpay had to shut shop within months. However, that hasn't stopped miners from extracting more. Fortinet, a company that deals with cybersecurity, has issued a security alert that cybercriminals are targeting media devices and unsecured IoT devices for crypto mining.
Cryptomining is a process through which various cryptocurrencies are added to the Blockchain by verifying transactions. The miner is essentially responsible for checking the authenticity of the information, which is also the reason why the network is decentralised.
Cryptomining uses powerful GPUs to decode and transcode content in high-resolution formats. Media devices or devices that have a more than average computation capacity are attractive targets due to their use of powerful GPUs combined with a relatively low-level of cybersecurity. The cybersecurity firm claims that these devices are powered on most of the time. Moreover, since these systems are idle at most times, the downtime goes undetected. The stealing of computational power without being detected by the user is called Cryptojacking.
Cryptojacking is a new technique where cybercriminals sneak malware into computers and other media devices. These malwares then hijack the computer's CPU to perform crypto-mining. According to Fortinet, the number of reported cases is rising and cybersecurity experts are warning individuals and businesses about the danger.
"Cryptojacking has become a growing concern. Cybercriminals aren't satisfied with the available supply of vulnerable servers and PCs to hijack in order to mine their favorite cryptocurrency. So, they have added another rich source of computational horsepower to their arsenal-IoT devices," said David Maciejak, Director of Security Research, Fortinet.
Fortinet has come forward with 3 cybersecurity strategies to protect home networks from cybercriminals:
1. Learn and discover your home network
With the increasing number of portable IoT and other devices being installed or used by family members and friends visiting your home, it may be difficult to know exactly what is on your home network at any given time. Even harder is controlling what they are allowed to do.
There are a number of security tools on the market today, designed for the home, that can identify devices looking to connect to the Internet through your Wi-Fi network. Many of them can be easily configured to provide them with access to your guest network, while restricting and monitoring the kind of traffic they are generating, the applications and home resources they are able to access, the amount of time they can be connected online, and the places on the internet they are allowed to connect to.
2. Implement a segmented network
Ensure that visitors and unauthorised devices are connected to a guest network while critical resources such as financial data, should be isolated from the rest of the network. Buy separate wireless access points to separate things like gaming systems and IoT devices from your PCs and laptops. Set up a wireless guest network for visitors or new devices. Most access points allow you to restrict access, set up things like firewalls, and monitor guest behavior.
To protect your critical resources, consider purchasing a separate dedicated device that is only used for things like online banking. You could also set up a separate virtual device on your laptop or PC for banking online.
As much as possible, keep your work and personal devices separated. Set up a separate connection for work, only connect through a VPN tunnel, and consider encrypting sensitive data traveling back and forth between your home and corporate networks.
3. Protect all critical devices and perform regular updates
Keep a list of all the devices and critical applications on your network, including the manufacturer. Set up a weekly routine to check for updates for physical and virtual devices, operating systems, applications, and browsers. Get antivirus and anti-malware software, keep it updated, and run it regularly. Set up a regular schedule, say once a month, where you use a second or third security solution to scan your device or network. Get a firewall. Most home security packages include a firewall option. Turn it on.
Use good password hygiene. Change your passwords every three to six months. Use an encrypted password locker to store passwords. Use different passwords for different kinds of things. Don't mix your personal and work passwords.