©2018 Check Point Software Technologies Ltd.
Elier Cruz | Global Enterprise Security Architect
CRYPTO MINING, A THREAT IMPACTING THE BUSINESSES
What is it? How to prevent?
The Global Risks Report 2018
So, which is it?
Weekly Mining Attacks Detected by ThreatCloud
[Chart: weekly attacks, y-axis 0 to 9,000,000, x-axis 6-Aug-17 to 6-Feb-18; annotation: Nov-28: Bitcoin crosses $10K]
It’s everywhere
55% of organizations attacked in December
20M USD STOLEN IN THE MEXICAN FINANCIAL SYSTEM..... REALLY?!
THE CRYPTO-CURRENCY MINING INDUSTRY
What is crypto mining?
ADD TRANSACTIONS INTO A CRYPTO-CURRENCY PUBLIC LEDGER
SOLVE A PUZZLE, GET A REWARD
SHOW ME THE MONEY
BITCOIN MINING REWARD: 12.5 BTC every 10 minutes = $98,225.00 every 10 minutes
ANNUAL MINING REVENUE: $5.4B
and that’s just bitcoin…
…
1 BTC = $7,858 (May 23rd, 2018 exchange rate)
27 Nov 2017
22 Feb 2018
What’s a mining attack?
The Cryptojacking Motto:
In every CPU there’s a hidden miner
• Abuse someone else's hardware
• Let someone else pay the electricity bill
MINING ON SOMEONE ELSE’S CPU
1. MINING MALWARE
• Infect endpoints & servers
• Mine 24/7
2. MINING APPS
• Install on mobile devices
• Mine till the battery dies
3. MINING JAVASCRIPT
• Infect websites & ad networks
• Mine the surfers
$3M MINED BY A SINGLE ATTACKER
Source: Check Point research, February 2018
BUSINESS IMPACT OF MINING ATTACKS
CONSUME SERVER RESOURCES
• Exhaust server CPU → Poor Service / Denial of Service
MINING HACKERS LOVE THE CLOUD
21 Feb 2018
Large Telco, US
Recently…
“Something penetrated our cloud. Our monthly AWS bill is up from under $10K to over $100K”
FINDINGS
• AWS instance penetrated
• Infected with mining malware
• Auto-scaled to dozens of instances
BUSINESS IMPACT OF MINING ATTACKS
LOWER USER PRODUCTIVITY
• Slow down PC
• Drain mobile/laptop battery
CONSUME SERVER RESOURCES
• Exhaust server CPU → Poor Service / Denial of Service
• Trigger cloud auto-scale → $$$
JAVASCRIPT MINING IN THE BACKGROUND
BUSINESS IMPACT OF MINING ATTACKS
LOWER USER PRODUCTIVITY
• Slow down PC
• Drain mobile/laptop battery
CONSUME SERVER RESOURCES
• Exhaust server CPU → Poor Service / Denial of Service
• Trigger cloud auto-scale → $$$
HARM REPUTATION & CUSTOMER SATISFACTION
• By exploiting a company website to mine its customers
23 Feb 2018
PREVENTING MINING ATTACKS
1. PATCH YOUR SYSTEMS!
BUT KEEP IN MIND…
• Perfect patching & hardening for 100% of systems is usually impractical
• It won’t protect you from zero-day vulnerabilities
• It won’t protect your users from social engineering
2. USE AN IPS
Real-time virtual patching for the entire organization
• Protect users from websites with mining JavaScript
• Protect servers and endpoints from vulnerability exploitation
[Diagram labels: ATTACKER, IPS, ORGANIZATION, USERS, SYSTEMS]
3. ZERO DAY PREVENTION
Financial opportunity drives attack sophistication
Majority of attacks can’t be detected by signatures
[Chart, May 2017: Known / Unknown, 43% / 57%]
WHAT IF YOU’RE ALREADY INFECTED?
The difficult way…
MONITOR THE CPU
• Look for anomalous usage patterns
• Constantly monitor on all your systems
The recommended way…
INTERCEPT MINING CnC
Use ANTI-BOT
Detect and block mining traffic (and all other infections)
• Stops the mining activity
• Alerts on infected host
[Diagram: PC infected with XMRig miner; Anti-Bot activated]
SandBlast empowers you to achieve the best cyber protection in the industry
Make sure you
• Cover all attack vectors
• Utilize all technologies
• Integrate with your infrastructure (Mail system, Proxy, DNS, …)
• Optimize and monitor
Summary
MINING ATTACKS CAN BE PREVENTED
Patch your systems
Implement advanced protection technologies
Enterprise Security Architecture
THE SAME PRINCIPLES PREVENT ALL CYBERATTACKS
Forrester Zero Trust & Check Point Software
Cybersecurity is a Human problem, not a Machine problem
Enterprise Security Architecture
https://research.cloudsecurityalliance.org/tci/index.php/explore/information_services/
NETWORK
Shared Threat Intelligence
Consolidated
Security
Management
Multi & Hybrid Cloud
Headquarters Branch
Access Control
Multi Layered Security
Advanced Threat Prevention
Data Protection
Access Control
Multi Layered Security
Advanced Threat Prevention
IoMT & BMS
MOBILE
Network Protection
Device Protection
App Protection
Capsule
WorkSpace/Docs
Remote Access
Secure Business Data
Protect Docs Everywhere
ENDPOINT
Anti-Ransomware
Forensics
Threat Prevention
Access/Data Security
Access Control
Secure Media
Secure Documents
CLOUD
Advanced Threat Prevention
Adaptive Security
Automation and Orchestration
Cross Environment
Dynamic Policies
Infrastructure
Identity Protection
Sensitive Data Protection
Zero-Day Threat Protection
End-to-end SaaS Security
Applications
Check Point Software Free Tools
ENFORCEMENT
MANAGEMENT
INTELLIGENCE
CLOUD & INFRASTRUCTURE
APPLIANCES
CASB
MOBILE
COMMUNICATIONS
ICS
160+ TECHNOLOGY PARTNERS
CHECK POINT PROVIDES ITS CUSTOMERS WITH ONE OF THE LARGEST ECOSYSTEMS IN THE SECURITY INDUSTRY
Source: https://www.checkpoint.com/partners/opsec
THANK YOU! / ¡GRACIAS! / OBRIGADO!
DANKE! / TAK! / GRÀCIES! / MERCI! / СПАСИБО!
!‫תודה‬

Crypto Mining Threats and Prevention

  • 1. ©2018 Check Point Software Technologies Ltd. Elier Cruz | Global Enterprise Security Architect. CRYPTO MINING, A THREAT IMPACTING THE BUSINESSES. What is it? How to prevent?
  • 2. The Global Risks Report 2018
  • 5. So, which is it?
  • 6. Weekly Mining Attacks Detected by ThreatCloud [chart: weekly attack counts, axis 0 to 9,000,000, 6-Aug-17 to 6-Feb-18; annotation: Nov-28: Bitcoin crosses $10K]
  • 7. It’s everywhere: 55% of organizations attacked in December
  • 8. 20M USD STOLEN IN THE MEXICAN FINANCIAL SYSTEM..... REALLY?!
  • 9. THE CRYPTO-CURRENCY MINING INDUSTRY
  • 10. What is crypto mining? ADD TRANSACTIONS INTO A CRYPTO-CURRENCY PUBLIC LEDGER. SOLVE A PUZZLE, GET A REWARD.
  • 11. SHOW ME THE MONEY. BITCOIN MINING REWARD: 12.5 BTC every 10 minutes = $98,225.00 every 10 minutes = $5.4B ANNUAL MINING REVENUE, and that’s just bitcoin… (1 BTC = $7,858, May 23rd, 2018 exchange rate)
  • 13. 27 Nov 2017
  • 14. 22 Feb 2018
  • 16. What’s a mining attack?
  • 17. The Cryptojacking Motto: In every CPU there’s a hidden miner. Abuse someone else's hardware. Let someone else pay the electricity bill.
  • 18. MINING ON SOMEONE ELSE’S CPU. 1. MINING MALWARE: infect endpoints & servers; mine 24/7. 2. MINING APPS: install on mobile devices; mine till the battery dies. 3. MINING JAVASCRIPT: infect websites & ad networks; mine the surfers. $3M MINED BY A SINGLE ATTACKER (Source: Check Point research, February 2018)
  • 19. BUSINESS IMPACT OF MINING ATTACKS. CONSUME SERVER RESOURCES: exhaust server CPU → poor service / denial of service. MINING HACKERS LOVE THE CLOUD.
  • 20. 21 Feb 2018
  • 21. Large Telco, US. Recently… “Something penetrated our cloud. Our monthly AWS bill is up from under $10K to over $100K” FINDINGS: AWS instance penetrated; infected with mining malware; auto-scaled to dozens of instances.
  • 22. BUSINESS IMPACT OF MINING ATTACKS. LOWER USER PRODUCTIVITY: slow down PC; drain mobile/laptop battery. CONSUME SERVER RESOURCES: exhaust server CPU → poor service / denial of service; trigger cloud auto-scale → $$$.
  • 23. JAVASCRIPT MINING IN THE BACKGROUND
  • 24. BUSINESS IMPACT OF MINING ATTACKS. LOWER USER PRODUCTIVITY: slow down PC; drain mobile/laptop battery. CONSUME SERVER RESOURCES: exhaust server CPU → poor service / denial of service; trigger cloud auto-scale → $$$. HARM REPUTATION & CUSTOMER SATISFACTION: by exploiting a company website to mine its customers.
  • 25. 23 Feb 2018
  • 26. PREVENTING MINING ATTACKS
  • 27. 1. PATCH YOUR SYSTEMS! BUT KEEP IN MIND… Perfect patching & hardening for 100% of systems is usually impractical. It won’t protect you from zero-day vulnerabilities. It won’t protect your users from social engineering.
  • 28. 2. USE AN IPS. Protect users from websites with mining JavaScript. Protect servers and endpoints from vulnerability exploitation. Real-time virtual patching for the entire organization. [diagram labels: USERS, SYSTEMS, ORGANIZATION, ATTACKER, IPS]
  • 29. 3. ZERO DAY PREVENTION. Financial opportunity drives attack sophistication. Majority of attacks can’t be detected by signatures (May 2017: Known 43%, Unknown 57%).
  • 30. WHAT IF YOU’RE ALREADY INFECTED?
  • 31. The difficult way… MONITOR THE CPU. Look for anomalous usage patterns. Constantly monitor on all your systems.
  • 32. The recommended way… INTERCEPT MINING CnC. Use ANTI-BOT. Detect and block mining traffic (and all other infections): stops the mining activity; alerts on infected host. [screenshot: Anti-Bot activated, PC infected with XMRig miner]
  • 34. Summary. MINING ATTACKS CAN BE PREVENTED: patch your systems; implement advanced protection technologies; Enterprise Security Architecture. THE SAME PRINCIPLES PREVENT ALL CYBERATTACKS. SandBlast empowers you to achieve the best cyber protection in the industry. Make sure you: cover all attack vectors; utilize all technologies; integrate with your infrastructure (Mail system, Proxy, DNS, …); optimize and monitor.
  • 35. [Internal Use] for Check Point employees
  • 36. Forrester Zero Trust & Check Point Software
  • 37. Cybersecurity is a human problem, not a machine problem
  • 38. Enterprise Security Architecture https://research.cloudsecurityalliance.org/tci/index.php/explore/information_services/
  • 39. [architecture diagram labels] Shared Threat Intelligence; Consolidated Security Management. NETWORK: Multi & Hybrid Cloud, Headquarters, Branch, IoMT & BMS; Access Control, Multi Layered Security, Advanced Threat Prevention, Data Protection. MOBILE: Network Protection, Device Protection, App Protection; Capsule WorkSpace/Docs: Remote Access, Secure Business Data, Protect Docs Everywhere. ENDPOINT: Anti-Ransomware, Forensics, Threat Prevention; Access/Data Security: Access Control, Secure Media, Secure Documents. CLOUD: Infrastructure (Advanced Threat Prevention, Adaptive Security, Automation and Orchestration, Cross Environment Dynamic Policies); Applications (Identity Protection, Sensitive Data Protection, Zero-Day Threat Protection, End-to-end SaaS Security).
  • 40. Check Point Software Free Tools
  • 41. CHECK POINT PROVIDES ITS CUSTOMERS WITH ONE OF THE LARGEST ECOSYSTEMS IN THE SECURITY INDUSTRY: 160+ TECHNOLOGY PARTNERS. [diagram labels: ENFORCEMENT, MANAGEMENT, INTELLIGENCE, CLOUD & INFRASTRUCTURE, APPLIANCES, CASB, MOBILE, COMMUNICATIONS, ICS] Source: https://www.checkpoint.com/partners/opsec
  • 42. THANK YOU! / ¡GRACIAS! / OBRIGADO! / DANKE! / TAK! / GRÀCIES! / MERCI! / СПАСИБО! / תודה! [Restricted] for designated teams
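
Slide 32 recommends detecting mining traffic on the network and names XMRig as the example infection. As an added illustration (not from the deck, and not a description of how Check Point's Anti-Bot works), the Python below flags hosts whose cleartext TCP payloads carry Stratum-style pool JSON-RPC messages; the function names, host addresses and payloads are constructed for the example.

```python
import json
from collections import defaultdict

# Stratum v1 method names sent by pool-mining clients (Bitcoin-style pools).
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}
# Monero-style pools (the protocol XMRig speaks) use generic JSON-RPC names,
# so these only count when the params also look like a miner's.
MONERO_METHODS = {"login", "submit"}
MONERO_PARAM_KEYS = {"login", "agent", "job_id", "nonce"}


def classify_payload(line):
    """Return a reason string if one newline-delimited payload looks like
    pool-mining traffic, else None. Non-JSON payloads are ignored."""
    try:
        msg = json.loads(line)
    except (ValueError, TypeError):
        return None
    if not isinstance(msg, dict):
        return None
    method = msg.get("method")
    params = msg.get("params")
    if method in STRATUM_METHODS:
        return "stratum:" + method
    if method in MONERO_METHODS and isinstance(params, dict):
        if MONERO_PARAM_KEYS.intersection(params):
            return "monero-rpc:" + method
    return None


def infected_hosts(records, min_hits=2):
    """records: iterable of (src_host, payload). Returns {host: [reasons]}
    for hosts with at least min_hits matching payloads."""
    hits = defaultdict(list)
    for host, payload in records:
        reason = classify_payload(payload)
        if reason:
            hits[host].append(reason)
    return {h: r for h, r in hits.items() if len(r) >= min_hits}


# Constructed sample: (source host, one line of a TCP payload).
SAMPLE = [
    ("10.0.0.5", '{"id":1,"jsonrpc":"2.0","method":"login","params":{"login":"WALLET_PLACEHOLDER","pass":"x","agent":"XMRig/0.0.0"}}'),
    ("10.0.0.5", '{"id":2,"jsonrpc":"2.0","method":"submit","params":{"id":"s1","job_id":"j1","nonce":"00000000","result":"00"}}'),
    ("10.0.0.7", '{"id":1,"method":"login","params":["alice","secret"]}'),  # benign RPC
    ("10.0.0.8", "GET / HTTP/1.1"),
    ("10.0.0.9", '{"id":1,"method":"mining.subscribe","params":[]}'),
]

if __name__ == "__main__":
    print(infected_hosts(SAMPLE))
```

Pool connections wrapped in TLS expose no readable payload, so a check like this complements the CPU monitoring on slide 31 rather than replacing it.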