Bitcoin mining involves solving complex computational puzzles to verify digital currency transactions. Significant amounts of energy and computer processing power are needed to run the mining function.
Since bitcoin’s birth in 2009, the New York Department of Education has suffered two incidents of employees piggybacking or trying to jump on the agency’s powerful computers to mine for bitcoin before they were caught, reported New York Magazine. Meanwhile, according to Infosecurity magazine, students are hunkering down in their college dorms to mine for cryptocurrencies and chewing up electricity that can drive up an institution’s costs.
“The summer would not be a good time to start cryptomining,” he said. “This is the time where, in IT, most K-12 entities have the time to do a computer refresh, so devices are more actively looked at over this period.”
Summer also offers students and employees less access to K-12 resources, buildings, and computers, so the opportunity to load a cryptominer on school computers, servers and data centers is lessened, Cunningham added.
Warning signs and what to do
The first sign that bitcoin mining might be happening would be a higher than usual electricity bill, according to Johannes Ullrich, head of the SANS Internet Storm Center.“In addition, if a cryptocurrency miner is not careful, it will increase the CPU (central processing unit) usage of a system to a point where fans run louder and computers may even fail more often,” said Ullrich. “If the school monitors its network carefully enough, it will see outbound connections to mining pools. Many miners are now flagged as malicious by anti-virus. A well-functioning anti-virus setup should identify and block cryptocoin miners.”
Steps school IT staffs and their cybersecurity teams should consider include monitoring network traffic for mining activity, and monitoring systems for a high sustained CPU load that will help identify affected systems, said Ullrich.
“It is important to setup logging and authentication carefully to be able to hold employees accountable if they try to install a cryptocurrency miner,” he said.
Meanwhile, Cunningham also advised IT teams to take such actions as having procedures in place that prohibit the installation of software on devices by non-IT personnel, do not allow administrator rights to local machines for “standard” users, and actively block cryptomining sites.
Agencies also have cryptomining worries
The percentage of rogue employees mining for cryptocurrencies on employer equipment is likely higher in government agencies than the private sector, because public agencies tend to have less staff, Cunningham said. But in comparison to K-12 schools, Cunningham believes the percentage is likely lower than the other two.“Most school equipment is not modern enough to make it worthwhile to mine on,” Cunningham explained.
Ullrich, however, believes schools attract more rogue cryptocurrency mining employees than government agencies.
Government systems usually have tighter controls around the use of their systems and will not only catch misuse faster, but misuse also tends to have more severe consequences, he explained.
In schools, misuse often goes undetected and unpunished, according to Ullrich. “For example, back in 2014, a student at Harvard was caught using a university super computer to mine Dogecoin. In this case, the student was banned from using this super computer in the future,” he said.
Around the same time as the Harvard incident, a number of cases came to light of university researchers using the computers dedicated to research to mine for cryptocurrency, according to Ullrich. “K-12 schools usually do not have the kind of processing powers available that is found at universities, but it certainly happens.”