A customer of the American coffee giant in Buenos Aires went for a coffee and got much more than was expected when he connected to the free in store wifi. The customer discovered that whilst he waited for the wifi to connect malicious code had been installed on his laptop. The code wasnÂt your usual Trojan Horse, in fact it was malicious code written for the purposes of covert cryptocurrency mining.
Cryptocurrency mining is the process whereby transactions on the blockchain are verified and new ÂcoinsÂ are generated thus giving the miner a cryptocurrency reward. Many cryptocurrencies allow for the mining to be run from a laptop or computers graphics processing unit (GPU). Malicious mining code can hide in a pop-up advert and ÂmineÂ perpetually Â dramatically slowing down the computer.
Whilst the reward from a single laptop may be negligible, if hundreds of laptops are all running the code the rewards may soon build up.
With the rise of corporations exploiting code and individuals GPUÂs questions are being asked about the legal position of undercover mining.
At first instance, it is likely that there is a liability towards individuals that may seek compensation for damage and distress caused by the unlawful activity. Regulatory sanctions may also come into play on the basis that there is a failure to comply with legal obligations to keep networks secure.
Furthermore, there will almost certainly be reputational damage done to the cooperation the StarbuckÂs case is a good example of this in that it may be required to notify its customers of the undercover mining.
Really, it all comes down to managing the risk. Much can be avoided if the corporations are alert to the risk of undercover mining and other cyber security risks.
Generally it is all about having procedures and precautions in place, and being aware.Â