The aim of cyber attacks traditionally has been to either disrupt the target’s web service or to steal important information and other assets. A new and quickly spreading phenomenon is to steal computing power to mine cryptocurrencies. What is most alarming is that, in addition to advanced cyber attacks aimed at elaborate systems, criminals will use any device connected to the Internet – for example, your mobile phone or a remotely controlled heat pump.


Cryptocurrency mining uses a lot of computing power and electricity because the mathematical problems connected to mining are difficult to solve. (See our related blog, “Not all blockchains are created equal when it comes to energy consumption.”) If you pay for the electricity and devices you use, mining will be costly. This is why cyber criminals are constantly looking for new ways to steal computing power. Through the Internet of Things, any device can be used for this purpose.

Recent headlines about cyber attacks to mine cryptocurrencies are just the tip of the iceberg. You might think that large data centers, for example, would be at the greatest risk, but this is not the case. The key to stealing computing power is not the efficiency of a single target, but the ease of infiltrating the system and the number of targets.

At the same time, cyber attacks are becoming more advanced. Methods that previously were possible only for national intelligence services now are routine for hackers. Malware usually is spread through attachments, but not in server environments. Every Internet-connected server that has not been updated is a gateway into an organization’s intranet. There are signs of cyber attacks in more than 50% of organizational networks. The most current example is the WannaMine malware variant.

An alarming phenomenon

Using another organization’s computer capacity might seem harmless, but the decreased power (as much as 65%) slows down workstations and systems, and quickly can cause significant losses. This is why I advise both system administrators and users to pay attention actively to the processing power of their environment. Have workstations slowed down? Is it just one device or a whole system? If these factors are present, and remediation efforts do not help, the cause likely is a cyber attack.

I want to stress that connecting any device to the Internet comes with a bigger threat than losing computing power. If cyber criminals are able to steal capacity through your device, they also might be able to control it. Who can control your domestic appliances? Your locks? Your car? The products you deliver? Unfortunately, the security of most Internet-connected devices is questionable at best.

If cyber criminals are able to steal capacity, they might be able to control your device.


Preparedness is the best defense

The most important defensive strategy is to make sure your information security is managed with care. The key to preparedness and effective security is having a knowledgeable and experienced cybersecurity partner with a current and comprehensive understanding of threats beyond national borders. Instead of relying on passive systems, organizations must prepare actively for these threats. A technology-independent service provider can help you choose the programs and systems that are best suited for your needs.

Do you have concerns about how this can impact your organization? Feel free to contact me so we can have a discussion on ways to mitigate potential risks. I also invite you to visit CGI’s managed security services and download our report, The Cyber-Value Connection.

About this author

Arttu Leppälä

Arttu Leppälä

As a manager at the CGI Security Operations Center (SOC) at in Finland, Arttu’s responsibilities include development and deployment of security services and technologies. With a strong background in technical information security, he has worked on security programs at CGI since 2011.