Cryptocurrency mining is one of the most profitable applications of blockchain technology. The profitability of mining, however, largely depends on one single factor — the cost of electricity. Proof of Work blockchains, such as Bitcoin, use electricity to ensure miners are economically invested in the validity of their participation, and reward them accordingly. A new generation of college students, however, is reaping the rewards of mining while campuses foot the bill in their stead.
New data released by security researchers at Cisco reveals the fastest-growing industry vertical for Bitcoin mining, and it’s not geothermal power or arctic mining pools — College campuses currently account for roughly 22 percent of all Bitcoin mining traffic assessed by Cisco.
Campus Mining Rigs Leverage Free Electricity
Life on a college campus can be expensive. Tuition, room, and board can all add up quickly. One cost that is included in campus living fees at most colleges, however, is electricity — a fact that enterprising college students have not overlooked.
In an interview with PCmag, Cisco threat researcher Austin McBride outlined the reasoning behind the newfound surge in campus crypto mining; students leave a rig running in their dorm room for four years, and they are able to walk out of college with a significant “chunk of change.” With the profitability of some latest-gen rigs pushing $2.50 per day with paid electricity, it’s easy to understand why college students are choosing to supplement their income by solving blocks with completely free energy — it’s all profit.
Unlike the highly centralized mining pool hash rate distribution, campus mining is fairly evenly distributed — Cisco researchers using the company’s Umbrella security platform identified mining action across a wide range of different campuses.
Cisco Identifies Widespread Cryptojacking
The Cisco investigation that identified campus-based mining assessed a number of different industry verticals including manufacturing, local governance, financial services, education, and the energy and utilities sector. Interestingly, the utilities sector accounts for the largest portion of non-mining pool hash power, contributing over one third of all traffic.
The utilities sector commonly operates older hardware and software, and is thus more susceptible to the growing threat of sophisticated cryptojacking attacks. In February 2018, infrastructure security firm Radiflow identified mining malware activity in the network of a major water utility in Europe — the first observation of mining malware in an industrial control system.
The impact of large-scale cryptojacking isn’t limited to the utilities sector, however. In early 2018, thousands of government websites around the world, including the UK’s NHS and the US government’s court system, were infected with a Coinhive-derived Monero miner via a compromised browser plugin Cryptojacking was identified by cyber security firm Symantec as the biggest security threat of 2018, a claim supported by Kaspersky Lab in a supporting report late last year. To date, over 15 million individual cryptojacking attacks have been identified, accounting for millions of dollars in miner revenue generated by unsuspecting individuals — who eventually foot the electricity bill.