White Hat Hacker Shares Views About Bitcoin Security

in #bitcoin, 6 years ago

Security Expert and CTO of NewSky Security shares security tips


Image source: pixabay - TheDigitalArtist

Last month Song Li, co-founder and CTO of NewSky Security, shared his views on the cryptocurrency economy on Forbes (Song Li Part I). Song is also a security expert for W3C and a white hat (ethical) hacker who exposes security vulnerabilities on the blockchain.

I am glad that he brought up crypto mining costs, which include:

  1. Hardware, rental cost
  2. Network maintenance and staff cost
  3. Power cost

Using Bitmain's AntMiner S9 as an example, an S9 will draw 13,140kWh per year. If we use the national average power rate of 0.1262 USD/kWh, the annual power cost is $1,658.27. Other costs, such as land, building and maintenance costs, can be spread among each unit. Change in power cost is often the deterministic factor in whether a mining facility can make a profit.
Source: Forbes - Song Li Part I

Personally, as a crypto-miner with a GPU mining rig, my hardware costs are fixed and, with no additional manpower cost, power costs are my greatest concern. While most of us would not relocate just to get cheaper electricity, large crypto mining companies do seek out better options when mining on a larger scale. It makes a difference to whether a profit is actually made from mining. The only variable factor comes directly from the hashrate of the coin, which affects the amount paid for mining.


Image source: pixabay - Free-Photos

In Song's second article, he addresses stolen coins and power theft. Cryptocurrency marketplace and mining pool NiceHash was hacked in Dec 2017, losing close to $60 million.

"Unfortunately, there has been a security breach involving NiceHash website. We are currently investigating the nature of the incident and, as a result, we are stopping all operations for the next 24 hours. Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken," the marketplace said.
Source: theregister - Shaun Nichols

Using the above example, Song noted that an attacker can reconfigure mining machines to send their rewards to the attacker's account. The attacker performs a common trick called a man-in-the-middle (MITM) attack: when the data is sent to the mining pool, the attacker replaces the reported miner account with his own and becomes the beneficiary of the miner's hard work. Source: Forbes - Song Li Part II.
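A miner can check for the account swap described above by auditing what actually leaves the network. The following is an added example, not code from Song Li's articles or from any mining software: it scans captured pool-bound messages and flags any that credit an account other than the owner's. It assumes the rig speaks the Stratum JSON-RPC protocol (the articles do not name the protocol), that workers are named `account.worker`, and that the owner's account is the hypothetical `alice`; the capture lines are constructed samples.

```python
import json

# Constructed sample: Stratum-style JSON-RPC lines captured at the network
# edge, i.e. after any point where a man-in-the-middle could rewrite them.
SAMPLE_CAPTURE = [
    '{"id": 1, "method": "mining.subscribe", "params": ["rig/1.0"]}',
    '{"id": 2, "method": "mining.authorize", "params": ["alice.rig01", "x"]}',
    '{"id": 3, "method": "mining.submit", "params": ["alice.rig01", "4f", "00000001", "5a2f1c00", "1b2c3d4e"]}',
    '{"id": 4, "method": "mining.authorize", "params": ["mallory.rig01", "x"]}',
    '{"id": 5, "method": "mining.submit", "params": ["mallory.rig01", "50", "00000002", "5a2f1c10", "9a8b7c6d"]}',
    'not-json garbage',
]

# Methods whose first parameter names the worker (and so the credited account).
ACCOUNT_METHODS = {"mining.authorize", "mining.submit"}


def account_of(worker):
    """'account.worker' -> 'account' (assumed pool naming convention)."""
    return worker.split(".", 1)[0]


def audit_capture(lines, expected_account):
    """Return (line number, method or 'unparseable', detail) for suspect lines."""
    findings = []
    for lineno, raw in enumerate(lines, start=1):
        try:
            msg = json.loads(raw)
        except json.JSONDecodeError:
            # Unexpected bytes on a JSON-RPC stream deserve a look as well.
            findings.append((lineno, "unparseable", raw[:40]))
            continue
        if not isinstance(msg, dict) or msg.get("method") not in ACCOUNT_METHODS:
            continue
        params = msg.get("params") or []
        worker = params[0] if params and isinstance(params[0], str) else ""
        if account_of(worker) != expected_account:
            findings.append((lineno, msg["method"], worker))
    return findings


if __name__ == "__main__":
    for finding in audit_capture(SAMPLE_CAPTURE, "alice"):
        print(finding)
```

A capture taken on the rig itself cannot reveal a rewrite that happens further along the path, so the comparison is only meaningful against traffic recorded at the egress point or against the pool's own record of which account submitted the shares.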

In stealing CPU power, the Mirai botnet infected thousands of Internet of Things (IoT) devices in Oct 2016. Infected servers, websites and devices serve two owners, working secretly in the background for the attacker who has root access to the devices. Infected websites carry scripts that run mining applications inside the browser to tap into the computing power of their visitors' computers.

Research by Kaspersky Labs, the Russia-headquartered cyber security firm, showed that cryptojacking is the top crypto crime. From 2016-2017, cryptojacking incidents rose in total number, from 1.9 million to 2.7 million, as well as in share of all cyber threats detected, from 3% to 4%. Source: news.bitcoin - Avi Mizrahi.

Perhaps it is time to renew anti-virus/spam protection.

-tysler


Image source: pixabay - MasterTux


Around here there's lots of power theft, almost everybody I've seen buying mining gear mentioned they got free power and I don't think they meant solar