We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Crypto Heist: The Aftermath of a Government Website Cryptojacking Attack • Scott Helme • GOTO 2023
Learn from the aftermath of a government website cryptojacking attack, where an attacker exploited the site's vulnerabilities for over a year, and discover the importance of robust security measures like CSP and SRI to prevent such attacks.
- Cryptojacking, a type of cyber attack, is an increasing threat to governments and organizations around the world.
- The attack on government websites is a significant breach, making it difficult to balance the need for protection and convenience.
- Content Security Policy (CSP) is a native browser functionality that allows you to specify which sources of content are allowed to be executed within a page.
- Sub-resource Integrity (SRI) can detect and prevent attacks by comparing the expected hash of a resource to its actual hash.
- Cryptojacking uses JavaScript to load a miner script that uses the victim’s computer power to mine cryptocurrency.
- The attack on the UK government website was not detected for over a year, and it was only uncovered by a researcher who noticed strange activity on his laptop.
- The researcher sent a tweet about the attack, and then continued to investigate and report on it.
- The attack was later confirmed by the UK’s Information Commissioner’s Office (ICO), which fined both the government and the third-party supplier for their roles in the attack.
- The incident highlights the need for robust security measures, including CSP and SRI, to prevent cryptojacking attacks.
- The researcher recommends using native browser functionality, such as CSP and SRI, to prevent cryptojacking attacks, rather than relying on JavaScript plugins or libraries.
- The incident also highlights the importance of transparency and accountability in addressing cyber attacks.
- The researcher argues that the incident was a result of complacency and a lack of understanding about the risks of cryptojacking.
- He also suggests that the incident may have been prevented if the government website had implemented stronger security measures, such as CSP and SRI.
- The incident may have also been prevented if the third-party supplier had taken steps to protect against cryptojacking attacks.
- The researcher concludes that the incident was a wake-up call for governments and organizations to take action to prevent cryptojacking attacks.