Turkish public research institute Sakarya University has had its computer systems compromised by hackers to mine cryptocurrencies. Universities and schools are primary targets of hackers due to relatively poor security controls on their systems. Furthermore, multiple computer systems at educational institutions can generate significant amounts of computational power.
The cryptojacking incident transpired as university students complained to management that the computers were running slower than usual. Upon investigation, experts concluded that university servers had been mining cryptocurrencies. The university has not made an official statement clarifying how the computers were compromised. According to Hurriyet Daily News, the university’s management is planning a fuller investigation into the incident.
Initially, students were of the opinion that the university’s servers were undergoing some technical problems. Distance education program students also faced issues when accessing university servers.
Although Turkish investigators have not revealed the breach point, among hackers the most common modus operandi is to make use of ransomware to inject cryptomining scripts that run in the background, leeching most of the processing power. More commonly, these mining scripts mine the privacy-focused Monero. The coin’s anonymity features make it impossible to track the movement of digital funds. Malicious mining scripts are also designed to run undetected.
Recently, cybersecurity firm Vectra highlighted in its report that a large amount of mining traffic comes from IP addresses linked to universities. Vectra’s findings highlight the trend of educational institutions becoming primary targets for hackers. At the beginning of the year, UW System Schools also found that its servers were being used to mine bitcoin.
On some occasions, hackers do not even need to breach security, as students unwittingly access websites embedded with cryptomining malware. Google has banned all cryptocurrency mining extensions from its Chrome store.
Cybercriminals always target websites or servers from which they can get the highest returns at the lowest risk. Universities have proven fertile grounds for cryptojackers, as they have multiple computer systems which operate throughout the day and reasonably poor levels of security.
Recently, Microsoft has also pointed out that non consensual cryptocurrency mining has become an increasing threat. As prices of digital currencies increase, more cybercriminals are drawn to illegal cryptomining.
The Turkish incident follows the April seizure of 600 computers used to mine bitcoin in Tianjin, China, made profitable by stealing electricity. the arrest in Tianjin, China of
How can educational institutions shield their computer systems from malicious mining scripts? Share your views in the comments section below.
Images via Pixabay
Subscribe to the Bitsonline YouTube channel for more great interviews featuring industry insiders & experts