Radware’s Cloud Workload Protection Service now includes ‘crypto-jacking’ detection

Radware, a leading provider of cybersecurity and application delivery solutions, today announced that its Cloud Workload Protection Service now identifies and mitigates coin-mining malware known as ‘crypto-jacking’ operations taking place in customers’ public cloud environments.

Malicious cloud-based crypto-jacking activity is increasingly a threat to organizations that run workloads within public cloud environments.

According to IBM’s XForce Threat Intelligence Index for 2019, crypto-jacking has more than quadrupled year-over-year with a 450% increase.  Attackers seek out vulnerable cloud environments that they can penetrate in order to install crypto-mining software, collect money, and leave their unsuspecting targets to foot the bill.  Threat actors are increasingly targeting enterprises that rely on public cloud environments because it is such a lucrative endeavor.

Automatic Cloud Protection

Radware’s Cloud Workload Protection Service uses automatic detection and response capabilities to identify, alert and block crypto-mining activity in public clouds, so as to protect organizations from financial losses or reputation damage due to such activity.

“Crypto-jacking is an increasingly lucrative business for hackers, thanks to new generations of malware that make it easier than ever to turn the computing power of compromised cloud environments directly into money,” said Haim Zelikovsky, Vice President of Cloud Business for Radware.  “As cloud-based attacks continue to evolve, we likewise expanded our Cloud Workload Protection Service capabilities to address and help combat this type of cyber-crime.”

Radware’s Cloud Workload Protection Service includes an advanced analytics layer designed to identify malicious processes and external communications running on vulnerable hosts that are indicative of crypto-mining activities.

Combining data collected from public sources, as well as from Radware’s organic Windows- and Linux-based sandbox environments, it provides a rich data set of crypto-mining controllers. Once crypto-mining activity is identified, security administrators are alerted and can work to mitigate exposure using either manual or automated tools provided by Radware.

Launched in February 2019, Radware’s Cloud Workload Protection Service provides full-stack protection of applications hosted on public clouds, covering both the perimeter (WAF, DDoS, SSL, bot management, and threat intelligence) as well as the internal public cloud workload and cloud data (workload protection).