
Data centres beware: New report predicts imminent attacks

26 Mar 18

Cybercrime is of course driven by the potential financial windfall, as well as the relative safety when compared to other more physical alternatives.

Cryptocurrency mining is the latest trend in illicit revenue generation by abusing the same age-old malware attack vectors previously associated with ransomware dissemination.

According to Bitdefender, cryptocurrency-enabled malware is increasingly outperforming ransomware with the rise in adoption surging over the past six months.

As an example, the number of coin miner reports increased from 9.47 percent in September 2017 to 17.54 percent in October 2017. In January this year the number sat at 21.79 percent.

Coinciding with this growth, ransomware attacks began to decrease after dropping 3.38 percentage points between November 2017 and December 2017 and continuing on a descending path.

The more cryptocurrency is mined, the more resource-intensive the process becomes, which means the current method that cybercriminals utilise to target and control pools of individual users is becoming unfeasible.

Because of this, Bitdefender expects large data centres and cloud infrastructure to be next in line as their “elastic computing power enables cybercriminals to virtually spawn and control large mining farms without paying any bills.”

It is common for data centres to allow organisations to scale their business by letting them optimise costs and computing resources based on their immediate requirements.

However, Bitdefender says this is a potential way in: if virtual infrastructures become compromised and cloud admins lose authentication credentials via searching attacks, social engineering, or unpatched security vulnerabilities, cybercriminals can wrest control.

From there it’s a simple process of spooling up powerful and resource-intensive rogue virtual instances that come pre-installed with cryptocurrency mining malware.

“Since it may take several weeks – or until the bill comes in – to spot rogue virtual hosts, hackers would have already mined tens or hundreds of thousands worth of cryptocurrency while the affected organisation is left holding the power/services bill,” the report states.

Bitdefender says cybercriminals exploit new cryptojacking techniques by limiting the strain put on the CPU.

“By leveraging PowerShell, scripts or advanced exploits to avoid endpoint detection, attackers can effectively run mining software directly within the memory of the targeted server,” the report states.

“Because a server update is always a key business factor and because the attack does not fully throttle the CPU, it can remain undetected for a considerable time. Attackers have proven creative and can use any client or server-side attack techniques to deliver their payload and start mining away, consuming a company’s hardware resources.”
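The two detection gaps the report describes, rogue virtual hosts that go unnoticed until the bill arrives and miners that deliberately stay below full CPU load, can both be checked from utilisation data long before billing. The following is an added example, not code from Bitdefender or the report; the instance names, the approved inventory and the thresholds are all assumptions chosen for illustration.

```python
from statistics import pstdev

# Constructed sample data: 24 hourly CPU utilisation readings (%) per instance.
SAMPLES = {
    "web-01": [12, 10, 9, 8, 9, 15, 30, 48, 62, 70, 74, 71,
               68, 72, 75, 70, 61, 50, 40, 30, 22, 18, 14, 12],  # diurnal
    "web-02": [64, 66, 65, 67, 65, 63] * 4,                 # approved, flat load
    "db-01": [33, 35, 34, 36] * 6,                          # steady and low
    "batch-02": [5] * 10 + [96, 97, 95] + [5] * 11,         # short legitimate burst
    "vm-7f3a": [71, 69, 70, 72, 70, 68, 71, 70, 69, 70, 72, 71] * 2,
}
APPROVED = {"web-01", "web-02", "db-01", "batch-02"}  # hypothetical inventory


def longest_run(samples, floor):
    """Return the longest consecutive stretch of samples at or above floor."""
    best, cur = [], []
    for s in samples:
        cur = cur + [s] if s >= floor else []
        if len(cur) > len(best):
            best = cur
    return best


def sustained_flat_load(samples, floor=60.0, min_hours=12, max_stdev=5.0):
    """Throttled miners sit at an elevated, nearly constant level for hours.

    Real workloads either vary with demand or burst briefly, so require both
    a long run above the floor and a low spread inside that run.
    """
    run = longest_run(samples, floor)
    return len(run) >= min_hours and pstdev(run) <= max_stdev


def triage(cpu_by_instance, approved):
    """Map instance name to the reasons it deserves investigation."""
    findings = {}
    for name, samples in cpu_by_instance.items():
        reasons = []
        if name not in approved:
            reasons.append("not in approved inventory")
        if sustained_flat_load(samples):
            reasons.append("sustained flat CPU load")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLES, APPROVED).items():
        print(f"{name}: {', '.join(reasons)}")
```

A fixed 100 percent alert would miss both flagged instances here, which is why the check looks at duration and variance rather than peak utilisation.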

Bitdefender says it’s time (if not already) that data centres take cryptomining attacks seriously as there are a number of potentially disastrous outcomes.

Obviously, a confirmed and successful cryptojacking attack of a data centre can indicate the presence of a security gap that could be leveraged by further attacks – which could be devastating for a business’s continuity and reputation.

Bitdefender says mining for cryptocurrencies puts sustained stress on the hardware components being used – specifically CPU and GPU – which may degrade their capabilities a lot faster than estimated.

“Speeding up CPU cycles heavily impacts consolidation ratios and virtualisation density in your data centre. Which is why when workloads are infected by cryptojacking, most infrastructure admins or dev-ops quickly solve the situation by increasing resources on the workloads to bring services on-line,” the report states.

“At this point, some don’t investigate further, content that the problems are solved. Constant throttling of CPUs and GPU at 100 percent ultimately burns them out, rendering them useless. This directly translates into operational costs for the data centre as they need to be quickly replaced so as not to affect performance.”

And then there is power consumption. CPUs under constant strain will use more power, equating to accumulated IaaS bills with no apparent cause and forcing data centres to purchase more resources to re-establish critical services.

According to Bitdefender, the amount of energy consumed is turning into a real economic problem as powerlines are becoming overburdened and hardware prices are going through the roof – particularly graphics cards.

On an interesting note, Digiconomist has estimated Bitcoin mining to be more energy-intensive and to generate a larger carbon footprint than gold mining. Meanwhile, experts have predicted that as early as 2020 cybercriminals will use the same amount of power in a year for mining as the rest of the world uses annually.

So the moral of the story? Data centres beware of mining.
