Cryptominers exploit miners vulnerabilities

Cryptominers exploit miners vulnerabilities

Jan 2nd, 2019

Miners are under a new attack as Cryptominers exploit miners vulnerabilities. Programs that hijack computer resources to mine cryptocurrencies without permission are indeed a new threat in the list.

Cryptominers exploit miners vulnerabilities

In summary, the “old list” for miners reportedly encompassed for example:

  • Ransomware, which holds a company’s data hostage until a ransom is paid.
  • data leaks.
  • worms that could break down equipement “a la” stuxnet focussing on the SCADA system.

However, the real-life general list is way longer, as witnessed by a number of our own experience-based blog-posts bearing on:

Having developed a major study for a European Country’s Armed Forces, visible in a Riskope’s blogpost, back in 2015 we published a paper entitled Holistic Physical Risk and Crises Prioritization Approaches to Solve Cyber Defense Conundrums.

Mitigation strategy planning

How does one develop a tactical and strategic planning for mitigation (roadmap)? How does one know which corporate sub-systems to fix and to what degree?

Quantitative convergent, scalable and updatable Risk assessments provide all the guidance needed, and is loaded with benefits. Indeed, as every risk, vulnerability cannot be mitigated/fixed at once it is paramount to be able to discern among risks and vulnerabilities to perform operational, tactical and strategic planning.

A paper we published in 2016 (Military Grade Risk Application for Mining Defense, Resilience, and Optimization) and a presentation we gave at the Management & Economics Society of CIM, McGill University, Montréal in 2018 illustrate this point.Convergent Quantitative Cyber Risk Assessment to Optimize Enterprise Reliability

Is cyber insurance a viable solution?

Although insurance is the first idea which comes to mind, viability of risk transfer is likely not the best in the cyber world. We have discussed this in terms of “misleading actuarial data” and the complexities and speed at which cyber-threats evolve

How not to over spend over Cryptominers exploit miners vulnerabilities?

Many, including major insurers have stated that cyber costs may soon exceed the benefits. This is in stark contrast with the IoT and digitalization trend of the mining and other industries that seems to “forget the risks” in the excitement of new technological developments. We hardly see anyone going back to typewriters and carrier pigeons. However, we know that some very serious organizations are indeed going back to typewriters for highly classified documents.

In many cases information security guidelines can significantly improve the stance of a client, especially if there is a strong effort to create awareness on social engineering attacks.

The obvious next step is to develop quantitative convergent scalable, drillable and updatable risk assessments. We discussed this idea in the prior sections of this blogpost advising to deploy ORE at corporate level.

Tagged with: , ,

Category: Consequences, Optimum Risk Estimates, Risk analysis, Risk management

Leave a Reply

Your email address will not be published. Required fields are marked *

Riskope Blog latests posts

  • New achievements in risk assessment and management
  • 2-05-2023
  • Print PDFNew achievements in risk assessment and management will be attained thanks to SRK Consulting merging with Riskope. Indeed, we…
  • Read More
  • Open letter to the organizer of the tailings dam round robin exercise
  • 29-03-2023
  • Print PDFDear Ryan, please receive this open letter to the organizer of the tailings dam round robin exercise. It explains…
  • Read More
  • Landslides risk assessment and monitoring
  • 8-03-2023
  • Print PDFDuring the first couple decades of our professional life we worked extensively with Landslides risk assessment and monitoring in…
  • Read More
  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Hosted and powered by WR London.