Graphicroyalty - stock.adobe.com
How can IT prevent mobile cryptojacking on devices?
While most mobile platforms provide levels of security from mobile cryptojacking, IT must still be aware of the risks and procedures to address an attack.
Criminal hackers are usually several steps ahead of everyone else, and the rise of cryptojacking is the perfect example -- so IT must take preventative measures.
Cryptojacking is a malware variant that hijacks computing resources to mine cryptocurrencies for someone else and shows the dark side of digital currencies such as bitcoin and Ethereum. Much like denial-of-service attacks, cryptojacking is simply another way for attackers to grasp for ill-gotten gains using someone else's computer and network resources. Cryptojacking not only affects traditional desktops and laptops, but mobile devices as well.
Mobile cryptojacking is typically done when end users download rogue apps either knowingly and unsuspectingly, or via malicious scripts that hackers inject into vulnerable webpages or download to the mobile device. This can slow down a phone or tablet and also affect network bandwidth.
While evidence shows that mobile cryptojacking is growing, there is a silver lining. Mobile platforms such as Apple iOS and Google Android provide more security than traditional workstations. In 2018, Apple announced new cryptomining restrictions on iPhones and iPads, mitigating the threat on iOS. The efforts in addressing cryptojacking are no different than endpoint security. While this can help minimize the risks associated with this mobile threat, it certainly doesn't eliminate them.
It starts with user education. System administrators must develop and enforce minimum security standards for mobile devices. These include specific platform versions for iOS and Android and outlining what's expected while installing and using mobile apps. Another user-centric component that can work toward fighting this threat is to further flesh out phishing programs -- perhaps targeting mobile devices themselves -- and, of course, ongoing security awareness and training initiatives.
The above efforts alone can be enough to prevent mobile malware attacks. There's no such thing as a perfect security program or a user that makes good decisions all the time. Therefore, administrators must use technical controls to enforce the rules and gain more insight to respond accordingly. Existing mobile device management (MDM) controls may not be enough, though. MDM has evolved into user environment management (UEM), which has more granular endpoint controls for both mobile and traditional workstations. UEM offers better integration with more modern and advanced network security controls.
Cryptojacking is no different than any other mobile security threat. Security and IT staff need to be on board, users need to be made aware of what to do and not do, and business executives need to understand what's potentially at stake. No one really has all the right controls, visibility and insight, especially around mobile. Cryptojacking highlights the importance of bringing your mobile environment into your overall security efforts.
Dig Deeper on Mobile security
Related Q&A from Kevin Beaver
Inbound vs. outbound firewall rules: What are the differences?
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Host IDS vs. network IDS: Which is better?
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Network security vs. application security: What's the difference?
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading