A new report published by manufacturers’ organisation EEF in partnership with insurance firm AIG and the Royal United Services Institute (RUSI) shows that 48% of UK manufacturers have been subject to a cyber-security incident at some time.

Loss and Disruption

Half of those manufacturing companies who admit to being hit by cyber-criminals have said that the incident(s) caused financial loss or disruption to business.

Challenges

The report highlighted several key challenges that the manufacturing industry faces in making itself less vulnerable to cyber-criminals. These challenges include:

• The age of equipment and the networked nature of production facilities. Many industrial systems are up to 20 years old and were developed before cyber threats became a big issue. As a result, poorly protected office systems, often the first implemented historically within manufacturing businesses, are particularly vulnerable. Also, a networked building, such as many manufacturing sites, can be hacked and exploited.
• Many manufacturing companies hold a large amount of classified information e.g. intellectual property (IP) and trade secrets, which makes them targets for (for example) financially motivated, state-sponsored hackers.
• Having no idea of the nature and size of the risks. 41% of manufacturing companies don’t believe they have access to enough information to assess their true cyber risk, and 12% of manufacturers admit they have no technical or managerial processes in place to even start assessing the real risk.
• A lack of basic detection that a cyber attack is taking place / has taken place, and a lack of investment in training i.e. 34% do not offer cyber-security training.
• Feeling that they are not equipped to tackle the risk anyway. For example, 45% are not confident they are prepared with the right tools for the job.
• A lack of confidence. Although 91% of the 170 UK manufacturing businesses polled are investing in digital technologies, 35% think that cyber vulnerability is inhibiting them from doing so fully.

What Does This Mean For Your Business?

The latest attacker behaviour industry report by automated threat management firm Vectra shows that UK higher education institutions are now prime targets for illicit cryptocurrency mining, also known as ‘cryptojacking’.

Cryptocurrency Mining

‘Cryptocurrency mining’ involves installing ‘mining script’ code such as Coin Hive into multiple web pages without the knowledge of the web page visitor or often the website owner. The scammer then gets multiple computers to join their networks so that the combined computing power will enable them to solve mathematical problems. Whichever scammer is first to solve these problems is then able to claim / generate cash in the form of crypto-currency – hence mining for crypto-currency.

Taking Coin Hive as an example, this crypto-currency mining software is written in Javascript, and sends any coins mined by the browser to the owner of the web site. If you visit a website where it is being used (embedded in the web page), you may notice that power consumption and CPU usage on your browser will increase, and your computer will start to lag and become unresponsive. These slowing, lagging symptoms will end when you leave the web page.

Why Target Universities?

According to Vectra report, the UK’s universities are being targeted by cryptojackers because they have high bandwidth capacity networks, and they host many students on their networks who are not protected. This makes them ideal cyber-crime campaign command and control operations centres.

This means that students who are using the bandwidth e.g. to watch movies online could unwittingly be giving cyber criminals access to computing resources in the background by using websites that host cryptojacking malware.

It is also believed to be possible that the relative anonymity and power of the computing resources at universities are enabling a small number of students to tap into them, and carry out illicit cryptocurrency mining activities of their own.

Other Targets

Higher education institutions are, of course, not the only main targets. The report highlights the entertainment and leisure sector (6%), financial services (3%), technology (3%) and healthcare (2%) as also being targets for cryptojackers. The effects of being targeted by cryptojackers can be increased power consumption and a reduction in hardware lifespans.

What Does This Mean For Your Business?

For higher education institutions, they can only issue notices to students they detect cryptomining, and / or issue a cease and desist order. They can also provide assistance in cleaning computers, and try to advise students on how to protect themselves and the university by installing operating system patches and creating awareness of phishing emails, suspicious websites and web ads. These measures, however, don’t go far enough to address the challenge of better detection, and / or stopping cryptomining from happening in the first place.

Businesses are also struggling to keep up with the increasingly sophisticated activities of cryptojackers and other cyber-criminals, particularly with a global shortage of skilled cyber-security professionals to handle detection and response. In the meantime, the answer for many enterprise organisations has been the deployment of artificial intelligence-based security analytics. Where cryptojacking is concerned, AI is proving to be essential to augmenting existing cyber-security teams to enable fast detection and a response to threats.

The increased CPU usage and slowing down of computers caused by mining scripts waste time and money for businesses. If using AI security techniques are beyond your current budget and level of technical expertise, you may be pleased to know that there are some more simple measures that your business can take to avoid being exploited as part of a cryptojacking scam.

If, for example, you are using an ad blocker on your computer, you can set it to block one specific JavaScript URL which is https://coinhive.com/lib/miner.min.js . This will stop the miner from running without stopping you from using any of the websites that you normally visit.

Also, a dedicated browser extension called ‘No Coin’ is available for Chrome, Firefox and Opera. This will stop the Coin Hive mining code being used through your browser. This extension comes with a white-list and an option to pause the extension should you wish to do so.

Coin Hive’s developers have also said that they would like people to report any malicious use of Coin Hive to them.
Maintaining vigilance for unusual computer symptoms, keeping security patches updated, and raising awareness within your company of current scams and what to do to prevent them, are just some of the ways that you could maintain a basic level of protection for your business.