3 ways to keep your cloud resources safe from Cryptojacking

Every day technology is evolving and so do is the threat to the online data. Among these is cryptojacking. It involves utilizing computing power to mine cryptocurrency, a process that can lead to huge financial losses for targeted organizations.

By: HT TECH
| Updated on: Aug 14 2023, 12:49 IST
To perform it, threat actors exploit compromised credentials through various means. This highlights the need for users to implement common best practices like credential hygiene and cloud hardening.  
To perform it, threat actors exploit compromised credentials through various means. This highlights the need for users to implement common best practices like credential hygiene and cloud hardening.   (Pexels)
1/5 To perform it, threat actors exploit compromised credentials through various means. This highlights the need for users to implement common best practices like credential hygiene and cloud hardening.   (Pexels)
Microsoft Security recommends adopting the following practices to prevent cloud cryptojacking: 
Microsoft Security recommends adopting the following practices to prevent cloud cryptojacking:  (Pexels)
image caption
2/5 Microsoft Security recommends adopting the following practices to prevent cloud cryptojacking:  (Pexels)
Multi-Factor Authentication: Tenant administrators should ensure that MFA is in use comprehensively across all accounts. This is especially important if the account has virtual machine contributor privileges. Users should also be discouraged from reusing passwords across services. 
Multi-Factor Authentication: Tenant administrators should ensure that MFA is in use comprehensively across all accounts. This is especially important if the account has virtual machine contributor privileges. Users should also be discouraged from reusing passwords across services.  (Pexels)
image caption
3/5 Multi-Factor Authentication: Tenant administrators should ensure that MFA is in use comprehensively across all accounts. This is especially important if the account has virtual machine contributor privileges. Users should also be discouraged from reusing passwords across services.  (Pexels)
Risk-based sign-in behaviors and conditional access policies : Monitoring risky user alerts and tuning detections that take advantage of security information help prevent these attacks. Risk-based conditional access policies can be designed to require multifactor re-authentication, enforce device compliance, force the user to update their password, or outright block the authentication. In many cases, policies such as these can be disruptive enough to provide security teams with enough time and signal to respond or alert the legitimate user to an issue before the resource abuse begins.
Risk-based sign-in behaviors and conditional access policies : Monitoring risky user alerts and tuning detections that take advantage of security information help prevent these attacks. Risk-based conditional access policies can be designed to require multifactor re-authentication, enforce device compliance, force the user to update their password, or outright block the authentication. In many cases, policies such as these can be disruptive enough to provide security teams with enough time and signal to respond or alert the legitimate user to an issue before the resource abuse begins. (Pexels)
image caption
4/5 Risk-based sign-in behaviors and conditional access policies : Monitoring risky user alerts and tuning detections that take advantage of security information help prevent these attacks. Risk-based conditional access policies can be designed to require multifactor re-authentication, enforce device compliance, force the user to update their password, or outright block the authentication. In many cases, policies such as these can be disruptive enough to provide security teams with enough time and signal to respond or alert the legitimate user to an issue before the resource abuse begins. (Pexels)

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
Separation of privileged roles : In most resource abuse cases that Microsoft Incident Response has investigated, the initially compromised user is over privileged in some way. Thus, it is good practice to limit the number of accounts that have the virtual machine contributor role. In addition, accounts with this role should be protected by MFA and Conditional Access where possible.   
Separation of privileged roles : In most resource abuse cases that Microsoft Incident Response has investigated, the initially compromised user is over privileged in some way. Thus, it is good practice to limit the number of accounts that have the virtual machine contributor role. In addition, accounts with this role should be protected by MFA and Conditional Access where possible.    (Pexels)
image caption
5/5 Separation of privileged roles : In most resource abuse cases that Microsoft Incident Response has investigated, the initially compromised user is over privileged in some way. Thus, it is good practice to limit the number of accounts that have the virtual machine contributor role. In addition, accounts with this role should be protected by MFA and Conditional Access where possible.    (Pexels)
First Published Date: 14 Aug, 12:49 IST
Tags:
NEXT ARTICLE BEGINS