I'll hopefully do a better announcement about this earlier in the day tomorrow, but I've updated my pinned post with more information about the following things:

- I am (re)introducing a third stream into my schedule, doing livecoding on Sunday afternoons.

- I offer free software development tutoring lessons, particularly in support of new people just getting into the industry who are in need of help! Reach out to me or fill out this Google form for info.

- I am interested in offering pro bono webmaster/web development services for organizations working for progressive change (particularly in the United States at present, but potentially elsewhere as well), including but not limited to

Community and mutual aid groups

Humanitarian organizations

Civil rights and advocacy organizations

Charity and social service organizations

Environmental organizations

If you are associated with an organization that might find my services useful (or just want to suggest an org I should reach out to), please feel free to drop me a message here.

dream smp asagao au, aka the very specific high school au

also aka the post thats very self indulgent for me and maybe 3 other people.

in short: its a dsmp high school au based on the game asagao academy, where everyone is part of a gaming club and compete against one another in tournaments. more in depth info about the AU/Asagao itself, as well as more info about the plot and roles of the AU itself.

Asagao Academy Basics

So to start, let’s cover the basics: what is Asagao Academy. ….well, an old Youtuber dating sim game (which, despite unfortunately including some fairly questionable CCs, IS still really good and well written and I recommend it) But what is it for AU purposes?

Asagao Academy is a highly elite world-wide boarding school set in Japan for those who are either rich enough to afford it, or those skilled enough to get scholarships. Within the game, there are two main clubs: Normal Boots and Hidden Block. They’re both gaming clubs, and joining is seen as super exclusive since they’re ALSO the most popular people in the school.

The two clubs compete with each other in various tournament events with specific categories. For example: Satch (from NB) and Jimmy (from HB) both compete in the “Tech and Invention” category, where they have to create/invent something related to gaming and have it judged at the event like a science fair. Meanwhile, Jared (from NB) and Wallid (from HB) both compete in “Dance” aka DDR and the person with the highest score wins.

The other categories featured in game include: Puzzle games (like Bejeweled or Tetris), Video Game Trivia, Pinball, Retro Platformers, a three-person fighting game, and 100% completion speedruns. So tldr; the categories can be kind of fiddled with and be whatever you want them to be, because even the original ones are pretty wack.

Also, there’s no rules against competing in multiple categories— in fact, most of the HB members in game do! It’s more about balancing time and practicing for them alongside school and other activities.

The winner of the competition is the team/competitor(s) with the most total wins.

Another thing to note: despite competing as clubs, they’re all actually pretty good friends. It’s all lighthearted and fun in the end, hell the leader of the opposing club even helps the main character join the main club just because he wants a decent challenge.

Speaking of… the main character! Hana Mizuno! I don’t have any current plans to include her in this AU (a la new dating routes), but I wanted to mention her for a few reasons.

For the main reason: her hair. Even as soon as she shows up, Mai (her best friend and roommate, who can break the 4th wall) immediately calls her out for her hair for looking like a main character which as we learn… isn’t an exaggeration. She’s literally a born protagonist, thus being born with naturally pink hair and a tragic backstory. Not only that, but other people are also born protagonists with pink hair as well— she isn’t an exception.

About the AU -- Revolution Era

A few things to note: in this au, when I first drafted it I… wasn’t looking to include 20+ people. I cut a lot of characters, but instead working with the idea that they’re still THERE, they just… don’t compete? Either they aren’t in the club and are just friends with the members, or they’re members who just don’t compete professionally. It’s nothing personal against those CCs and tbh as times goes they may get added more, but for now they’re just in the BG vibin.

It covers a really basic retelling of s1 for most of the planned au. It starts with One Club: the Dream Team. Members include: Dream (sophomore), Sapnap (sophomore), George (junior), Wilbur (junior), Eret (junior), and Fundy (freshman).

For reasons, possibly just as a goof or spite towards their American counterparts, Wilbur declares independence from the Dream Team and makes his OWN gaming club: L’Manberg. He takes Eret (a close friend from his grade) and Fundy (the freshman he immediately adopted) with him, causing the two teams to be 3v3.

But Wilbur’s got a dastardly surprise up his sleeve: TOMMY, HIS YOUNGER BROTHER (bc I am nothing if not a dedicated crimebros stan), AND TUBBO. They’re both too young to actually attend Asagao yet, but theres no age rules in the actual competitions so its fair play. They’re Wilbur’s secret weapon. After all, a 5v3 where the team with the most wins wins the competition? That’s a massive advantage.

… we all know how this goes though don’t we. Wilbur’s day be so fine, then BOOM, Eret betrayal 😔

In this case Eret feels it’s a LITTLE unfair to blindside them like that, plus Dream promised to make him the Leader of the Dream Team and, yknow, that kind of stuff DOES look good on resumes, so…

TLDR; Eret rejoins the Dream Team crew, as well as informing them of Wilbur’s plan with including Tommy and Tubbo and becomes leader. They’re still letting Dream and Co. basically actually do the leading, they don’t care that much, the title is just nice. L’Manberg cusses her out and promises to hold a grudge, but it’s all in good fun. After all, they’re just teens goofing around and playing. The clubs are again 4v4.

Dream tells the L’Manberg club that they can separate, sure… under one condition. They have to win the competition. If they lose, they have to rejoin the Dream Team club.

L’Manberg accepts, but come competition day… they lose. Tommy outright challenges Dream post awards to a speedrun competition for L’Manberg instead. …which Dream professionally competes in, and Tommy DOESN’T.

He loses, but he puts up a good fight despite having little to no actual practice put in, so Dream “grants” L’Manberg their “Independence”. (In this au, instead of being like… weirdly obsessive over Tommy, it’s a lot more “he sees himself in Tommy and wants to support/mentor him” and a “friendly rivalry” kind of deal bc its a damn HIGH SCHOOL AU)

So L’Manberg can be it’s own club! …Next year, when Tommy and Tubbo actually attend, since Wilbur and Fundy aren’t allowed a two person club.

About the AU -- Election Era

SO time skip! Congrats, everything up to now has been BACKSTORY. It’s now the next school year, with two main clubs (I’ve tried to keep them fairly balanced, which is why not all CCs are featured, sorry!)

Dream Team club:

Dream - junior

George - senior

Sapnap - junior

Eret - senior

Punz - junior

BBH - senior

Awesamdude - junior

Ponk - junior

L’Manberg club:

Wilbur - senior

Tommy - freshman

Tubbo - freshman

Fundy - sophomore

Schlatt - senior

Quackity - junior

Niki - sophomore

Jack - sophomore

(Also fun fact! Their grades are loosely based on the CCs actual ages! …Except Fundy, who got Baby-fied to fit the “Wilbur’s Kid” joke, and Eret bc it fit better to be the same age as Wilbur I thought. Oops HEKANDNSN)

So, for whatever Reason (listen this was an au I made in like one night when plagued with brainrot, it’s not all figured out), L’Manberg holds an election. Maybe it’s related to Wilbur wanting L’Manberg to be meaningfully different from Dream Team, maybe it’s a joke, idk!

…. SOMEHOW, Schlatt wins. Which ticks off Wilbur a lot. It’s his damn club, and the whole point was to avoid Americans, tf?? The two start to feud a lot and it threatens to split the club entirely via ppl taking sides. Worse, it means people aren’t practicing for the competition.

All while this is happening, there’s a new intrigue building. Dream catches word of an infamous player in the area, someone known to win entire competitions against teams of people all by HIMSELF. A man with bright bubblegum pink hair called Technoblade. That’s right, literal universe-assigned protagonist Techno. If Dream could enlist him, there’s no doubt in hell they’d be able to beat L’Manberg.

L’Manberg hears of him too and works to try and enlist him as well, so he basically gets courted by both clubs trying to get him to play for them to mixed results. He’s pretty chill vibin by himself, so what’s in it for him? (….I don’t know, remember how this is a WIP au I worked on once?)

Eventually, a teacher named Phil (who’s been the honorary sponsor of the L’Manberg club) gets pissed at Schlatt and Wilbur’s fighting and bans both from competing (aka this AUs version of them dying). Which fucking SUCKS for L’Manberg. They’re now going 6v8 with a wildcard player who’s undeclared on which side he’ll join, if at all.

… honestly, that’s as far as I got. Theoretically, Techno joins L’Manberg to reflect Pogtopia and they win. I never had plans to go into s2 due to its darker theme, but there are definitely changes that could (and might?) be made for the s1 plot just so it flows better.

I already had to shift Wil and Schkatt’s “deaths” to fit, unless I were to have them LITERALLY make a new club. Maybe Schlatt uses his power as Club President to make them work with Dream Team (to the point it basically merges the clubs). Sure, they might be guaranteed to win now but it removes the competition and fun as well as the spirit of OG L’Manberg. So then Wilbur rebels and makes his own club AGAIN, calling it Pogtopia with the intent to get L’Manberg back. Then Techno, intrigued with this group of like 2-3 ppl going against a team of like 13ish people, decides to join them. Idk! Alternative possible plot based more closely on s1 I guess!

I’m gonna add a list of characters in full with their age, their club, and what they compete in (if it’s already brainstormed, most ppl are unknown) below

Character List

dream (DT) - junior - speedrunning

george (DT) - senior - coding/tech and invention

sapnap (DT)- junior -

eret (DT) - senior -

wilbur (LM) - senior - rhythm game/guitar hero-esque

tommy (LM) - freshman - (possibly pick up speed running during election arc?)

tubbo (LM) - freshman - chess

fundy (LM) - sophomore - coding/tech and invention

schlatt (LM) - senior - he never actually declares what he plans to play and then gets banned anyway, aka no game kekw

quackity (LM)- junior - dance

niki (LM) - sophomore -

jack (LM) - sophomore-

punz (DT) - junior -

bbh (DT) - senior -

awesamdude (DT) - junior -

ponk (DT) - junior

technoblade (SOLO) - junior - multiple categories

FINAL BIT

here’s some scraps for ppl who know Asagao already as well as small bits I didn’t bother to write up any further

- Karl, much like Mai, is ALSO aware of the 4th wall and has time travel powers because of it.

- Purpled (undecided if he’s a solo player like Techno or has his own team he competes with that’s not a formal club) plays Literally Bedwars in competitions

- Callahan is the Dream Team club sponsor, Phil is L’Manberg’s club sponsor

- Karlnapity is real and canon bc I say so

- both for balance/laziness, every person only competes in one category. also bc it makes Techno that much more Protagonist-y that he does

- I made this AU in like February man idk I’m just vibin

- Fuck I never even included Ranboo huh

Hawk’s true self

This is just me rambling about Hawk’s character because there’s just so much to theorize and talk about. it’s probably way too long and congested so I apologize in advance

In the first arc he’s introduced in, he keeps saying how he has no self control. He says this twice and even shows it at the billboard charts where he starts speaking his thoughts. But later on as the story progresses we see that Hawks has exceptional control of himself, more specifically his emotions and his behavior. He’s so good at hiding his true feelings that it’s the reason the commission chooses him to be a double agent with the league of villains. 

It’s likely that Hawks was trained as a child for this sort of espionage activity since he himself says that he was taught negotiation skills at an early age. This is why Endeavor can’t tell when he’s being serious because Hawks always acts jokingly around him. Hawks knows this, which is why he acted so serious when giving Endeavor the coded book to let him know something was off. Some say Hawks is a chaotic neutral, and that definitely fits with how he acted during the billboard awards. However you could say he is actually lawful neutral, and is someone who always gets done what needs to be done. He wanted to support Endeavor as the number one hero and he did whatever was needed to do so. In the same way, whatever the commission wants him to do, he gets done. I think it’s clear that there are two sides to Hawks, or Keigo Takami. The chaotic and easy going hero persona, and the lawful and controlled commission pawn. I personally think that the easy going persona is how hawks really feels or how he wants to be, but after being drilled into what is essentially a child soldier, he can’t shake off what he has been trained into becoming. 

One aspect that I find interesting is how baby Keigo says he wants to be like Endeavor, but as an adult he insists that he wants the freedom of the lower ranks and that his “back isn’t wide enough”. I think this is a combination of realizing that the hero world isn’t all what he thought it was (”there are no true heros”) and knowing that as a commission pawn, his role is to work in espionage which isn’t suited to the number 1 hero. His desire that he wants all heroes to “take it easy” and how he wants to be lower in the ranks could be hinting at how he’s actually secretly tired of working for the commission or even being a hero since it’s not what he signed up for (he got roped in when he was like 4 there’s no way he knew what he was signing up for). I think Keigo definitely enjoys being a hero and wanted to be a hero, but baby keigo specifically said “shine brightly”. He wanted to shine brightly like Endeavor but instead he’s being forced to hide in the shadows and constantly lie to be people, which he stated he dislikes doing. He’s not doing the double agent job because he wants to, he’s doing it because he “has no choice” which are is own words. Heroes normally have a choice when it comes to jobs, don’t they? They are free to choose what kind of hero they want to be. But Keigo never had a choice. He owes his life and success to the commission and has been groomed to stay loyal to them. He’s a bird locked in a cage, and he even tells this to twice when asked why he sympathizes with the villains. I don’t think he was lying because the easiest way to lie is when there’s truth mixed in. And Hawks genuinely liked twice.

Now to the recent events in the manga, where things get interesting. Hawks has been getting some heat with what he did to twice but I think this moment is what solidifies all my speculations and everything I said up until this point. Hawks is good at controlling himself. However in these chapters you can see him slowly breaking down. He desperately tries to hide this fact by outright stating things like “I don’t get attached” when dabi calls him out for getting attached right after, and being very forceful and distant when facing twice. I won’t get too much into this scene cause I’ve seen other people do a better job at analyzing it and this is my first time writing about a show, ever, but basically Hawks is having difficulty separating his emotions from his duty. This is the first conflict we see between true easy going hawks and loyal commission hawks. However in the past we haven’t seen much evidence as to how connected or manipulated Hawks is with the commission. For all we know he could have been working for them willingly or quit whenever he wanted to. That all changes with all the bombshells this chapter, including baby hawks, which I talked about in the previous paragraph. With this scene, we have come to realize what the commission really means to hawks. He’s so desperate to keep his loyalty to them that I think he’s behaving rather strangely with twice and not as any other hero would. I think a normal hero would have thought that if they can’t capture him now, they would retreat and ambush them later (considering dabi in close quarters is a horrible match up for hawks and he knows it) but hawks is thinking, “If he doesn’t give up I need to *kill* him.” I don’t think any hero in bnha so far has “killed” a villain or even thought to “kill” a villain (nomus are basically dead already so that doesn't count). It’s always been defeat and capture. I’m sure Hawks could knock him unconscious but he’s desperate and tries to make up for his wavering loyalty by killing twice, the exact opposite of what he truly wants to do. He finally breaks when dabi calls his real name “Keigo Tamaki”, the name the commission forced him to abandon. The reminder of his true self is what caused Hawks to waver so much in loyalty that he went straight for the kill, almost to kill any last remaining chances of letting his emotions take over. This is what I mean when I said this moment is what solidifies my theories on his character. The commission means so much to him, or has manipulated him so much that in order to keep his loyalty to him, he kills someone he thought was a good person. This just shows how deep the brainwashing has gone to Hawks. Why is he so desperate to keep his alignment with the commission? Because he has no identity outside of them. They have guided and controlled him his entire life and as much as he wants to be free, he’s been trained to never betray them. He’s a man that does whatever it takes to get things done and in that moment he thought he had to stop twice, stop his wavering loyalty, stop his questioning of heros.

tldr; Hawks wanted to be a hero that shines brightly but the commission forced him to become the opposite, making him see hero society for what it really is, a corporate industry for money and fame. He seemingly accepts this, seeing how he talked about the importance of popularity at the billboard awards, but Endeavor still holds a sentimental place in his heart as a great hero that shines brightly. This explains why he doesn’t like all might, he sees him as a “too perfect” hero, almost too good to be true, while endeavor breaks down barriers, even when it’s impossible. Also Hawks has a bias against Endeavor because he saved him as a kid. 

Well this got off track real fast, *real tldr;*: Hawks has two sides to him which worked together, as easy going hawks just accepted his own situation, and the fact that he’s a pawn for the commission. The commission are the good guys so he doesn’t really care that they control him. He’s just that selfless of a guy. However after having to betray people he likes, his morality and sense of loyalty wavers and in the end his commission self overwrites what he truly wanted to do.

This is important because the commission self needs to be established as the one controlling Hawks before his character can get broken down and get development, and in the end his true self can prevail and he can be free.

I have always got the feeling that Hawks is a selfless person. He got roped into being the kind of hero he didn't want to be but accepts it because he knows the heros are the good guys and in the end he's helping people. It doesn't matter that he's not where he truly wants to be. He's been so brainwashed by the commission that he believes his own feelings don't matter either.

I’m looking forward to how the story goes but I almost don’t want to get my expectations too high in case things go nothing the way I expect. It’s going to be torture waiting for season 5 to come out. Even the weekly chapters are starting to be torture lol 

also im so sorry this is so messy and unedited and I don’t even like writing I’m an art student not an english major so there’s probably grammatical errors but I just had to get all my thoughts down. If you actually read till the end you’re a madman and I love you.

Original Post from SC Magazine Author: victorthomas

Don’t let unauthorized cryptocurrency “miners” steal your company’s computer power — or worse!

Cryptomining — the name itself sounds like it is almost like printing money using your computer. And it just might be for individuals, investors, and others with the right mix of savvy, capital, good timing, and a whole lot of luck.

But cryptojacking — cryptomining via malware and other attack vectors — is a fast-growing threat not just to owners of individual computers and mobile devices, but also to organizations of all types and sizes, putting the security, availability, reliability, and operational costs of their computers and networks at risk.

That makes cryptojacking another threat category to add to your IT security team’s Fight-Us list, alongside a laundry list of threats, including viruses and malware, distributed denial of service (DDoS) attacks, phishing, spyware, hackers, rootkits and ransomware.

Cryptocurrency might be a relatively new form of digital currency, where the uniqueness of each “coin” and transactions involving it rely on encryption, but already it has gained a foothold. Bitcoin, the first cryptocurrency, is barely a decade old yet it holds 36 percent of the cryptocurrency market share, among challengers such as Ethereum, Digital Note, LiteCoin, and Monero, according to the news site CNBC.

Cryptomining refers to the computerbased tasks essential to the operation of a cryptocurrency’s ecosystem, in particular, the blockchain distributed digital journaling of transactions.

“Blockchain is predicated on cryptographic processes that verify each transaction to validate the authenticity of each block of the transaction,” explains Rich Skinner, senior principal in the cybersecurity practice at West Monroe Partners in Chicago. “Cryptomining solves the next block to support transaction authenticity.”

It is important to note that cryptominers are not directly creating or finding the cybermoney. Essentially their computer power is racing against all other cryptominers, large and small, to complete a minimum required amount of activity and be the first to submit a qualifying solution to the arithmetic “puzzle.” The first to solve the puzzle, which can then be confirmed by others, earns the virtual coin.

The cryptomining programs from the various cryptocurrency offerings can be run on any computer, mobile device, and on most other devices that have Internet connectivity, even a small, embedded computer chip. Individuals with a few spare CPU cycles on their PC or mobile device can easily, and legitimately, hop on the cryptomining bandwagon by downloading one of the cryptomining applications, with the caveat that mining coins with a single cell phone or consumer-class computer is like trying to win a Formula 1 road race wearing one roller skate and being towed by a turtle.

Erin Nealy Cox, U.S. Attorney for the Northern District of Texas

The next step up: buy or build a system that is optimized for cryptomining using either multiple graphic cards (GPUs) or cryptomining-optimized, application-specific integrated circuits (ASICs). Typically these system can cost from $3,000 to $15,000.

There are, of course, third-party services as well. One could simply rent cycles from one of the Cryptominingas-a-Service cloud offerings or join a “mining pool,” combining your computing resources with other users’ resources. For those with a lot of money, expertise, electric power, and optimized hardware, the largest option is to build a “crypto-farm” — essentially a massive data center with potentially thousands of servers and all of the associated challenges and security issues that come with running a data center. It is useful to note that the mining hardware need not be actually servers — there are published reports of cryptomining farms built using smart phones.

Needless to say, the potentially illegal approach is to steal computer cycles. One nefarious approach is to get direct access to existing computer power on other people’s machines by offering web services, such as games, streaming content, and other services, which run cryptomining web apps on those devices while the application’s tab is open in the user’s browser. One could argue that this is being done with the user’s knowledge and permission, although that does not always turn out to be the case; sometimes the “We’ll mine while you browse” advisory is less than obvious.

One criminal approach is simply to invade insufficiently-protected web browsers, servers, and other devices and steal IT resources to surreptitiously cryptomine.

In it for the money or more

From a practicality viewpoint, if you are doing computer crime for the money rather than non-monetary motives such as ego gratification, proof-of-concept, revenge, political activism, or cyberterrorism, cryptojacking makes a lot of sense.

First, cryptojacking potentially results in obtaining cryptocurrency without the attacker going through risky intermediary steps such as ransom, blackmail, or offering stolen data for sale. Also, the IT resources being stolen might not yet be on the security team’s radar.  Finally, any cryptocurrency “loot” a surreptitious, illegal cryptomine generates is itself legitimate.

One challenge companies face is that the criminal element for mining often has different goals from those who send out malware or conduct other types of cyberattacks.

The problems associated with cryptojacking is widespread, according to law enforcement. “We have started seeing cryptojacking cases become more and more prevalent in our district as cyber criminals find new and more discrete ways of stealing computer power and data, from organizations and individuals,” reports Erin Nealy Cox, U.S. Attorney for the Northern District of Texas.

Not surprisingly, the types and number of cryptojacking attacks have been growing rapidly over the past several years and the number and sophistication of attacks will only get worse, experts warn.

“In itself, cryptocurrency mining is not malicious: the CPU is used to compute mathematical operations,” says Xavier Mertens, a cybersecurity consultant based in Chastre Chastre-Villeroux-Blanmont, Wallonia, Belgium, and a SANS Internet Storm Center Senior Handler. “There is no leak of data, no malicious activity like DDoS, or ransom of data.”

But that is neither an excuse nor a justification; it is, however, an indicator of strategic savvy of a potential attacker.

The goal of cryptojacking is not unlike a traditional advanced persistent threat in that the attacker wants to make it so you do not notice any unusual activity. They do not want to “melt your systems down or use too much, [but rather] keep it at a level where it is effective but not noticeable,” says Roy E. Hadley, Jr., an attorney at Adams and Reese LLP in New Orleans. “You’re seeing some viruses that can control the CPU usage…if they can keep it at a place where you don’t notice it, but it’s effective to them, it can go on for years.”

But not all cryptojacking is subtle or without negative impact.

“You can find 10-90 percent degradation of computing capacity,” notes Hadley.

The experts agree that on mobile devices, cryptojacking can run the battery down in two to three hours and potentially raise the device’s temperature higher than the recommended maximum by more than 40 degrees Fahrenheit — enough to damage the hardware permanently.

“Using more CPU cycles can have nasty side effects,” agrees Mertens, such as “a risk of system overload which can be critical in real-time operations. And for cloud-hosted infrastructures, [there is] the risk of higher bills if CPU cycles are counted in the monthly bill.”

Skinner agrees. For cryptojacking attacks sophisticated enough to evade direct detection, “The net impact to the organization is hidden costs they were not expecting and that can hardly be traced back to the original intrusion,” he says. “Consider this — every CPU cycle requires power consumption that generates heat. An organization impacted by cryptojacking will draw more electricity, increasing heat requiring higher air conditioning usage, also increasing utility costs.”

Cryptojackers typically use the same methods and toolkits as other viruses, malware and other attacks in order to gain access to a corporate network: phishing and other spam email, web malware, malicious URLs, digital advertising networks, and the like. Some attacks are more direct, such as installing a rogue device above an acoustic ceiling tile, or perhaps putting a rogue server under a data center’s raised floor; both approaches have been in the news recently after data center security teams identified insider attacks and tracked down the devices hidden inside the offices of the victimized companies.

“In the beginning cryptominers were delivered like a normal malware,” says Mertens. “They were delivered as a Windows, Linux, [or other] binary that was executed once delivered to the target. Now we saw an increase of cryptomining attacks delivered as JavaScript code and running in the browser. The victim has just to visit a malicious page. I also found recently that some library files, such as an old version of JQuery, were modified and a cryptominer added.”

Tom Henderson, principal researcher at ExtremeLabs, Inc., a systems research and analysis organization in Bloomington, Ind., says that unsecured Docker container images also can get infected by cryptojacking attacks.

Andre McGregor, member, board of directors, National Cybersecurity Center (NCC); partner & global head of security, TLDR Capital

Andre McGregor is a member of the board of directors for the National Cybersecurity Center (NCC), a former supervisory special agent at the FBI and now a partner and global head of security at TLDR Capital, a global investment and advisory firm that specializes in blockchain tokenization projects and their interface with public markets. “In my history in the FBI’s cybercrime squads, you tend to have four types of adversaries: people — individuals and groups just trying to find targets of opportunity; criminal organizations — all very organized; nationstate actors; and, although less likely here, cyberterrorists.”

While illegal cryptomining itself might not directly interfere with or damage corporate IT systems, data, operations, or utility bills — the amount of impact can be difficult to determine, experts agree — that does not reduce the security concerns.

Servers make ideal targets, McGregor points out. “Malware wants whatever it infects to maintain persistence, something that will stay on all the time, doesn’t need to get restarted, because the malware may not start back up. Servers are the most ideal as persistent targets because they don’t get restarted often.”

McGregor says that while he was working for the FBI, he saw other questionable uses for this type of software. “People will weaponize other malware, put in other capabilities, [and] might say ‘oh it’s just mining for Monero’ and not worry about what more it may have done.”

But, he adds, “The next iteration of cryptojacking may include tools that could allow for remote access, the capability to do keylogging…the mere fact that there’s a script that can execute and be given privilege to run means it can also do other things.”

Henderson agrees. “The same malware app that downloaded a cryptomining app — often to be unwittingly installed as a browser app/plug-in — can be used as an infection vector/file-loader for other misuses,” he says.

Fighting cryptojacking attacks

There is a lot that organizations can do to combat cryptojacking, much of which, says McGregor, “is part of or easily added to your organization’s current IT security policies, procedures, and tools.”

Rich Skinner, senior principal, West Monroe Partners

Skinner concurs, noting that “At the end of the day, the basics of information security and basic hygiene of your IT systems are first and foremost the key to having a solid information security strategy and plan.”

Implementing cryptojacking-oriented procedures and tools should be part of every data security set of policies and procedures. These include:

•  Secure web browsers including any plug-ins or extensions. Make sure systems are blocking cryptojacking adware and malware, and check/test browsers (and their plug-ins/ extensions) specifically for cryptomining malware. Some browser vendors have tools that can assist in testing for cryptojacking malware.

•  Consider application and URL whitelisting and blacklisting. Make sure the “block” list includes known/suspected cryptojacking and other cryptocurrency entries.

•  Block cryptojacking “phoning home,” since the mining results have to be sent back to the cryptocurrency’s command-andcontrol (C&C) server. Artificial intelligencebased monitoring might help, since the messages are typically short and do not look like typical malware activity. Deep-packet inspection might be required since the messages could be encrypted.

•  Monitor servers and power distribution units (PDUs), not just CPU activity. Power use, temperature, fan speed, memory use, and drive space usage could indicate cryptojacking in progress.

“The management consoles for most enterprise servers let you configure and monitor alerts, since if any of those factors goes, you lose the server,” says McGregor. In terms of cryptojacking, “Any sudden jumps may indicate an attack has ‘succeeded.�� And anything going to 100% is definitely suspect.”

As with all computer security activity, educate your employees about cryptojacking. “The typical user won’t notice anything until it becomes slow or sluggish,” says McGregor. The National Cybersecurity Center (NCC) is working to improve user awareness abut exceedingly long CPU times, what processes are running that are causing these CPU spikes, and highload CPU processes pointing to a web browser with a malicious tab.

Educating all users is essential; even those who might not work directly with company computers are likely to have a companyowned or personal mobile device, McGregor urges. Cryptojacking education should not be limited to a separate 15- to 20-minute presentation, he notes. “It tends to be part of an IT security awareness presentation that’s typically half a day, covering all cyberthreats — including cryptojacking.”

Preparing for the inevitable

“Organizations should start planning for potential cryptojacking incidents now and walking through different threat vectors and scenarios across the organization,” urges Skinner. “We highly recommend conducting tabletop exercises, and having a formalized incident response and incident recovery plans available to be leveraged across the enterprise.”

He also suggests that CISOs be ready to reach out to various law enforcement agencies if and when a breach occurs. “We also highly recommend you know your law enforcement community and have relationships or points of contact if you need them.  This should be proactive and part of your overall strategy and should include the U.S. Secret Service, FBI, and state [and] local law enforcement. External legal counsel and [public relations and] media firms should be identified as part of these tabletop exercises as well.”

In particular, Skinner says, “The SEC requires publicly-traded companies to report any cyberattack or event. This includes cryptomining, not just demands for money, or theft of customer data. On the other hand, for hospitals, HIPAA (Health Insurance Portability and Accountability Act) applies when patient data has been compromised, and cryptojacking does not necessarily mean that data has been exfiltrated — you need a forensic and legal team to look for that and to make a determination if the data was compromised, whether or not it was exfiltrated.

Discovering cryptojacking must be considered as a security incident, and handled as one, adds consultant Mertens. “Nobody really knows the scope and scale of cryptojacking. Big companies that have sophisticated systems will try to block and mitigate. Smaller companies will always be at greater risk, because they don’t have the systems or people to detect the problem. If a cryptojacker can keep their illegal cryptomining activity to where it isn’t impacting day-to-day operations, many companies won’t notice it’s occurring.”

An essential part of finding and stopping any cyberbreach is how the company and all of its employees internalize security. “Have a culture of security,” says attorney Hadley. “Don’t just be looking for specific things. Be like a doctor looking at a patient’s big picture and monitor your systems for unusual activities at the processor level; watch for unusual data inflow and outflow.”

And on the off chance that you are not already doing full on-and-off-site backups of data along with system images, the experts agree, start doing that.

The post Cryptojacking: The growing malware menace appeared first on SC Media.

#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: victorthomas Cryptojacking: The growing malware menace Original Post from SC Magazine Author: victorthomas Don’t let unauthorized cryptocurrency “miners” steal your company’s computer power — or worse!