St Francis Xavier University in Antigonish, Nova Scotia, Canada had to shut down its entire network for four days last week to fend off a crypto-mining malware attack, Global News reports.
Campus email, Wi-Fi, debit transactions, online course selection, cloud storage, and drives on the St. FX network were all affected by the shutdown.
In a November 4th statement, the university said it was using a “staggered approach in bringing the systems back online to minimize potential risk,” and said attackers had attempted to use, “malicious software… to utilize StFX’s collective computing power in order to create or discover bitcoin for monetary gain.”
Cryptocurrency mining is a notoriously competitive, computing- and energy-intensive process whereby machines compete to discover a random number set by the software that will be used to cryptographically seal blocks of data.
The computer that successfully guesses the long number is currently awarded 12.5 bitcoins for doing so on the Bitcoin network. Another cryptocurrency popularly mined in crypto-mining attacks is a “privacy coin” called Monero.
“Cryptojacking” is a relatively new form of cyber attack which, for better or worse, appears to be eclipsing ransomware attacks as the attack of choice among nefarious hackers this year.
In a ransomware attack, all or part of a target’s computer system is locked up by malicious malware. This malware is often injected onto a system through a link in an infected email.
After locking up a system or data, ransomware attackers then demand that victims forward cryptocurrency to a particular online wallet address in order to have their systems unlocked.
Over the past several years, numerous businesses, at the advice of their IT security departments or consultants, have been keeping cryptocurrency on hand in order to quickly resolve ransomware situations.
This year, “cryptojacking” or crypto-mining malware attacks are on the rise as ransomware attacks decline.
Like ransomware, crypto-mining malware often infects a system through an employee email, but rather than shutting down a system or network, crypto mining malware “zombifies” a network to engage it in 24-7 cryptocurrency mining activity.
Infected systems often have their “sleep” functions overridden by the malware, and computer processing units be run down by the incessant calculations undertaken to find the number that will win “block rewards.”
Power expenses to a network can also go up.
“Cryptojacking” malware also automatically sends any crypto proceeds directly to attacker wallets, with malware providers taking a cut.
At the time of writing, St Francis Xavier University network systems are partially restored.
The University says that no personal data was breached in the attack and has asked all users of its network to change their passwords as a matter of “standard practice.”