According to a recent report, nefarious actors through the use of Amazon Web Services (AWS) are attempting to employ an illegal means of producing bitcoin.
In this report, the security intelligence group RedLock announced that it had found that at least two multi-billion dollar, multi-national companies, Aviva and Gemalto, had their AWS cloud services compromised by hackers for the purpose of using the computer power to mine bitcoin. The hackers ultimately gained access to Amazon’s cloud services after discovering that some administrative consoles weren’t password protected.
RedLock discovered that the breaches were tied to hundreds of other consuls that had been unlocked across AWS, Microsoft Azure, and Google Cloud — likely by a careless systems administrator. The two affected companies were notified by RedLock about the issues.
“Upon deeper analysis, the team discovered that hackers were executing a bitcoin mining command from one of the Kubernetes containers,” read the report. Kubernetes is a Google-created, open-source technology that simplifies the process of writing apps for the cloud.
Hackers have long had the ability to worm their way into corporate servers to pilfer data, which they usually sell for money, or provide to state-actors seeking intelligence information. But bitcoin mining is a different animal in the sense that the previously mentioned hackers are basically gobbling up and stealing pricey corporate cloud storage space.
Technically, anyone could attempt to mine bitcoin via the Amazon service. However, the process is very energy intensive and would likely subject the perpetrator to high energy costs. But it may be worth it in large part because bitcoin‘s continued meteoric rise could make it lucrative.
But it’s worthwhile for many because success can be very lucrative.
This news involving Amazon Web Services comes on the heels of another report which found that scammers are utilizing school, charity and file-sharing websites to generate crypto-cash. They are achieving this by installing code on sites that use visitor computers to “mine” cryptocurrencies. Attackers can rapidly generate cash by getting lots of computers to join the network.
Chris Olson, CEO of The Media Trust, a firm that delivers ongoing insight and security for today’s digital landscape (websites mobile apps) says:
“This incident highlights an underlying flaw in conducting business during the digital age – no one really takes the time to learn about their digital partners (authorized and otherwise) that add code and functionality to their website. The inability to monitor third-party script on a website can blindside website operators with not only security concerns but also with significant data compliance risks.”
Given these scenarios, Olson notes that continuous, real-time digital vendor risk management is imperative for any website operator seeking to fortify their defenses against rogue third-party script running on their digital asset.
When asked whether the proliferation of these sorts of hacks might eventually have a chilling effect on the global use and adoption of cryptocurrencies, Olson had this to say, “While early adopters and adventurous investors drive the growing popularity of cryptocurrencies, the wider public is still in the early stages of awareness about cryptocurrency as an investment tool.”
“When you add hacking into the mix, it can definitely stall adoption. So to dispel this consumer doubt, website owners and operators of digital asset exchanges will need to go to further lengths to fortify their website security and demonstrate a heightened security posture to their consumers.”
Olson says that in spite of the global application security market showing strong growth expected at a CARG of 17.7 percent by 2025, it’s ironic that today’s consumer-facing websites are still not immune to hacks and attacks. Digital shadow IT from unmonitored third-party code executing on websites, he says, is at the heart of this problem.
He concludes: “Companies need to identify and vet their direct and indirect digital vendors. It is that simple! Adopting a holistic digital risk management program will enable security professionals to monitor all code executing on their digital properties and defend their websites and mobile apps against breaches. This preventative stance is especially valuable in the case of cryptocurrencies, where there is a direct impact on investments, reputation, and sensitive customer information.”