According to the latest research Trend Microcloud systems are under attack Crypto Mining and cybercriminal groups dedicated to mining crypto currencies are intent on grabbing as many resources as possible. Let’s find out in more detail what emerged.
Crypto Mining – Trend Micro Research
According to what emerges from the research A Floating Battleground. Navigating the Landscape of Cloud-Based Cryptocurrency Mining Of Trend Micro (global cybersecurity leader), cybercriminals are increasingly looking for holes.
More specifically, cybercriminals exploit exposed instances and constantly search for weak SecureShell (SSH) logins through brute force attacks. Their goal is to compromise cloud assets for cryptocurrency mining.
The elements exploited by cybercriminals to gain access to systems are often characterized by having outdated software, a non-compliant cloud security posture, and inadequate knowledge of how to secure cloud services. For this reason, investments in cloud computing increased during the pandemic. However, the ease with which assets can be deployed has left many cloud instances exposed online unpatched or misconfigured.
The additional computational costs of mining can slow down key user-facing services and increase operational costs by up to 600% on each infected system. Cryptocurrency mining can also be the alarm of a more serious compromise. Many cybercriminals implement mining software to get extra revenue before online shoppers buy access for ransomware, data theft, and more.
Prevention is better than cure
To stem threats from cloud cryptocurrency mining attacks, Trend Micro recommends a number of things.
First you need to make sure your systems are up to date and run only the required services. Then you need to implement firewalls, IDS / IPS and a security cloud endpoint to limit and filter outgoing and incoming network traffic. And also eliminate configuration errors through Cloud Security Posture Management tools. It is also essential to monitor the connections of the inbound and outbound cloud instances and filter the domains associated with known mining pools.
Finally, it’s a good idea to set up rules to monitor open ports, DNS routing changes, and CPU resource usage from a cost standpoint.
The statements
“Even a few hours of compromise could translate into profits for the cybercriminals. This is why we are witnessing a constant struggle for computational resources in the cloud ”. She stated Salvatore Marcis, Technical Director of Trend Micro Italia. “Threats like this require organized and distributed security to make sure the bad guys have nowhere to hide. The right platform supports teams in maintaining visibility and control of their cloud infrastructure, mapping the attack surface, assessing its risks, and applying the right protection without adding excessive runtime costs. “
For further information, please refer to the Trend Micro website.
While waiting to always discover new information, stay tuned on the techprincess pages for new interesting news and insights. As always, tell us your opinion on our Facebook page.