Within minutes, she alerted the customer to the suspicious activity and started a CI Security investigation. The investigation revealed an active case of crypto jacking. Cryptomining malware has become one of the top cyber threats to emerge, and our internal experts believe the problem will continue in the years to come. This technique allows Illegal crypto miners to hack into external systems and steal computing power to mine cryptocurrency. This frees up the miner from having to make expensive investments in their own equipment.
Using the threat intelligence provided by the CI Security analyst, our customer was able to figure out that their newly upgraded phone system had been hacked. The IT Director at the company used this intel to quickly stop the crypto coin mining and eject the threat actor from the network.
While we have removed any identifying information about this customer, we can tell you they use CI Security for Managed Detection Response (MDR). That means that CI Security’s technology monitors the network for abnormalities—and our security analysts respond when there’s a real threat.
Our analysts then conduct thorough investigations to eliminate false positives, and kick-off the incident response plan with the customer when a true compromise occurs. The customer can then eliminate the threat, as happened in this crypto jacking case. Threat detection, human response: it’s what we do.
“I live for this kind of thing. We aim to outsmart the bad actors and protect our customers every single day. It’s why I come to work,”said the analyst, who has the internal nickname “Ticket-Zilla” for the high volume of tickets she powers through.
By integrating everything under the umbrella of operations, including information technology, operational technology (OT) in utilities, and internet-of-things (IoT) technologies, we can secure and enable “smart city” efficiencies.
Michael K Hamilton
The CISO at CI Security