Employee Theft via Cryptomining

Yesterday’s blog post got me thinking about another cryptomining incident, one that I was involved in as a consultant after the fact. This one doesn’t involve an attach from the outside but rather one from the inside. An ‘enterprising’ IT guy thought he’d make a little extra money on the side by running a cryptomining application on all of this companies desktops at night.

Cryptomining requires a lot of power and he had these desktops cranking from 7pm until 6am every single day and all day Sunday. In addition to the huge power bills to run them, ac systems had to run harder to remove heat produced by them.This went on for months due to one of my pet peeve’s – a disconnect between IT and the rest of the company. Whoever was paying the electric bill knew something was going on but didn’t articulate it to department managers. It wasn’t until several months later that by some stupid happenstance that their Director of IT came in on a Sunday and heard desktops humming away.

I was brought in by their CFO to do a full audit of their IT department. Fortunately this guy was a lone wolf and overall their IT department was running well. The biggest change from this engagement was a cultural one. This client needed to start looking at IT as a partner in moving business initiatives forward, not just as someone to call when their computer wont boot up or email stops working. This simple change in mindset had a huge impact on the company. But more on that another time, the wife is demanding I participate in something called dinner time.

Leave a Reply

Your email address will not be published. Required fields are marked *