decrypting myths
Barry Shteiman, VP Research and
Innovation at Exabeam
cryptojacking. And cryptojacking has
become a serious global problem.
Why does cryptocurrency
consume so much energy?
Mining cryptocurrency can be CPU or
GPU intensive and, therefore, power
intensive. To understand how mining
functions, let’s look at how the Bitcoin
currency works.
Satoshi Nakamoto, the pseudonym
for the anonymous Bitcoin creator(s),
developed a way to exchange tokens
having value online – without using a
centralised system such as a bank.
Instead, all transaction record keeping
occurs in a decentralised Blockchain
database residing on thousands of
distributed machines. These comprise
the Bitcoin network.
Mining computers collect pending
Bitcoin transactions, known as a ‘block’,
The best thing
organisations can do
is look for anomalies
in their bills and, if
seen, start looking for
suspicious activity.
78
which are turned into a mathematical
puzzle. Solving these mathematical
puzzles is what consumes compute
power. In uncovering the solution, a
miner then announces it to the network.
Other miners check if the sender of
funds has the right to spend the money
and whether the puzzle solution is
correct. If enough approve, that block is
cryptographically added to the ledger
Blockchain and the miners move onto
the next set of transactions.
The miner who originally found the
solution receives 25 Bitcoins as a
reward, but only after another 99 blocks
have been added to the ledger – hence,
the incentive for miners to participate
and validate transactions.
Who could be mining
cryptocurrency inside
your organisation?
Within an organisation, we categorise
the potential threats in four buckets:
• The malicious insider: This may be
someone who has access to high-
performance computing systems and
logs on during the evening to engage
in cryptomining. The scenario might
even involve this person receiving
kickbacks to participate
• The compromised insider:
This can occur when someone
unwittingly succumbs to a phishing
scam, clickbait or a drive-by
(where software is downloaded for
Issue 06
|
www.intelligentciso.com