The recent case of a Chinese headmaster being fired for secretly mining cryptocurrency using his school’s electricity supply has shed light on the potential impact of crypto mining on organizations. Hunan man Lei Hua had dismissed reports of excessive power consumption in the building, attributing it to air conditioning units and heaters. However, it was later discovered that he had hooked up eight cryptocurrency mining machines to the power supply, running up an electricity bill of 14,700 yuan (£1600) while mining Ethereum 24 hours a day.
Hua had initially invested 10,000 yuan in one mining machine and opted to move the operation to the school in an attempt to minimize overhead costs. Unfortunately, this decision not only cost the school a significant amount in energy bills but also reportedly overloaded the network, disrupting teaching activities. As a result, Hua was fired last month, while his deputy, who attempted to join the scheme by setting up his own mining machine in the school computer room, received an official warning.
This incident serves as a cautionary tale for organizations, particularly in light of the growing trend of cryptojacking attacks. A Canadian university recently had to shut down its entire IT network after discovering malware on its systems. Reports from McAfee and Trend Micro have indicated a substantial increase in coin mining malware detections, highlighting the need for vigilance among IT teams.
Barry Shteiman, VP of research and innovation at Exabeam, emphasized the importance of monitoring electricity bills for anomalies and changes in HVAC usage that could indicate unauthorized cryptomining operations. He also recommended looking out for sudden changes in network capacity, usage, and behavior, suggesting that entity analytics tools could be utilized to detect irregular network activity associated with cryptomining attacks.
In conclusion, the case of the Chinese headmaster underscores the potential risks associated with unauthorized cryptocurrency mining within organizations. By staying vigilant and implementing proper monitoring and detection measures, businesses can safeguard against the detrimental effects of cryptojacking and protect their network infrastructure from exploitation.