October 13, 2017 | By Stone Tillotson
Cyber criminals have found a new avenue to instant riches: mining bitcoins. With the stratospheric rise in the cryptocurrency's value (up 650% in one year), the security firm Redlock reports that enterprising hackers have begun to compromise Amazon Web Services (AWS) accounts to mine bitcoins. The scalable nature of AWS cloud machines gives them an edge over the typical botnet and, by compromising business accounts, the extra processing power allocated might not raise any red flags. In the cases thus far identified, whatever data that might be present in the breached accounts appears to be of, at best, secondary value and is often ignored. This represents a reversal of the typical modus operandi, and with sudden changes like this, companies will need to adjust their threat matrices and skillsets accordingly.
IISP Analyst Stone Tillotson: "Hackers respond to incentives just like anyone else, and it shouldn't be too surprising literally making money is more appealing than fencing or ransoming data. But, Bitcoin's meteoric rise and the entailing results fuel questions about the wider direction of cybercrime. Given the quick pace of technological change and cybercrime's marriage to equally volatile currency markets, how will we predict where they go next? Cybersecurity personnel are a limited resource, so hardening every potential target isn't feasible. When rapidly changing incentives push hackers in new directions or bring them back to neglected targets, allocating one's security budget might start to resemble prognostication. Noting this problem starts with economics, economics itself might provide the solution. Microeconomics has been successfully applied to forecast terrorism, perhaps it's time to apply those insights to cybersecurity as well. Add to those insights organizational data and a bit of machine learning, a company might derive a much clearer picture of when and what might be at risk."
For further reading
- Redlock Report: https://info.redlock.io/hubfs/WebsiteResources/RL_Cloud_Security_Trends_Oct_2107.pdf?t=1507325492499
- Business Insider: http://markets.businessinsider.com/currencies/BTC-USD