What Is Shadow Mining? Most Cybersecurity Professionals Don’t Know

Most organizations are unfamiliar with shadow mining and cryptojacking, according to a survey of 150 cybersecurity professionals conducted by security information and event management (SIEM) platform provider Exabeam.

Key findings from Exabeam's "The Anatomy of Shadow Mining" report included:

Cybersecurity professionals also cited ransomware (40 percent) and bring-your-own-device (BYOD) threats (28 percent) as the two most common IT security challenges facing organizations, the Exabeam report showed. Comparatively, shadow mining (10 percent) and cryptojacking (9 percent) ranked among the least common IT security challenges.

Shadow Mining and Cryptojacking: What Cybersecurity Professionals Need to Know

Shadow mining refers to a combination of shadow IT and illicit cryptocurrency mining, Exabeam noted. It enables cybercriminals to obtain unauthorized use of an organization's computing resources to mine cryptocurrencies by a privileged user.

Cryptojacking involves the unauthorized use of a person's computer to mine cryptocurrency. It often occurs if a victim clicks on a malicious link in an email that loads cryptomining code onto his or her computer. Or, cryptojacking sometimes takes place if a victim opens a website or online ad that contains malicious JavaScript code.

How to Address Shadow Mining and Cryptojacking

Shadow mining and cryptojacking are simple and effective cyberattack techniques. As such, the number of shadow mining and cryptojacking attacks could increase in the years to come.

Meanwhile, network-based cyber threat detection solutions could help organizations address shadow mining and cryptojacking. These solutions help organizations quickly identify shadow mining and cryptojacking attacks before they escalate.

MSSPs also can help organizations combat shadow mining, cryptojacking and other cyberattacks. They can deliver threat detection services, as well as help organizations develop and deploy effective cybersecurity strategies.