By Fran Garcia
When it comes to cloud security issues, usually the topic of data loss, leakage and privacy comes to mind. It seems that every other day there is a new report of compromised user data in the hands of bad actors. While this is an issue of the utmost importance, there is one threat in particular that cloud users should pay close attention to: compromised cloud accounts used for cryptocurrency mining.
Google’s Threat Horizons Report notes that of 50 recently compromised GCP instances, 86% of the compromised Google Cloud instances were used to perform cryptocurrency mining.
|
Resultant Actions after Compromise |
Percentage |
|
Conduct cryptocurrency mining |
86% |
|
Conduct port scanning of other targets on the Internet |
10% |
|
Launch attacks against other targets on the Internet |
8% |
|
Host Malware |
6% |
|
Host unauthorized content on the Internet |
4% |
|
Launch DDoS bot |
2% |
|
Send spam |
2% |
Note: Totals do not add up to 100% as some compromised instances were used to perform multiplemalicious activities
What is Cryptocurrency Mining
Crypto mining involves using high-power computers that can solve very complex math problems that blockchain systems have generated. For doing this, crypto currencies award miners with a certain amount of a given cryptocurrency. In order to mine, complex mining rings are used, and the more computing power they have, the easier it is to get their hands on more cryptocurrency. As you can suspect by now, accessing the power of cloud computing through compromised accounts has become very attractive for hackers.
5 Ways To Protect your Cloud Account
Google notes that actors gained access to the Google Cloud instances by taking advantage of poor customer security practices or vulnerable third-party software in nearly 75% of all cases. Here are some steps you could take to make sure you don’t fall victim to crypto currency hackers.
- Conduct an audit to make sure that none of your credentials have been exposed (github, cloud source repositories ,etc)
- Follow the principle of least privilege when allowing access
- Audit your current permission settings (you can use tools like Stackidriver or Splunk)
- Set up consumption and spending alerts, and set up spending limits so that no charges can account after a certain amount.
- Avoid assigning Owner or Admin roles
Crypto Hacking, a Cloud Security Threat That You Might Need to Pay Closer Attention To – Final Words
Although Google’s report attributed the majority of the hacking to poor security hygiene, the reality is that hackers will look for the smallest weakness to exploit. As a result, you should avoid relying on standard setups and take an active role in securing your account.
-Fran
Image: canva.com