South Korea’s Ministry of Science and ICT recently got a bit of surprise when it learned that a server operated by an affiliated institution was used for about a year to mine Bitcoin.
According to the ministry on Thursday, the Korea Institute of Geoscience and Mineral Resources discovered during a recent internal systems check that an illegal mining program had been installed on its server. The institute dutifully reported this on May 24 to the Ministry of Science and ICT, under which it operates.
In the following primary investigation, conducted jointly by the ministry and Korea’s National Intelligence Service, investigators confirmed that an employee at the contractor responsible for maintaining and repairing the research servers secretly installed the mining program.
An official from the Korea Institute of Geoscience and Mineral Resources told the daily newspaper Dong-A Ilbo that the suspect ran the mining program during the institution’s off-hours, 7 p.m. to 7 a.m., for about a year, starting in May 2018.
Though the contractor also handles server maintenance for other Ministry of Science and ICT institutions, an official from the ministry told the press that an investigation of all the computers the employee in question worked on turned up no additional illegal programs. This was simply a case of one individual secretly installing the program on a specific computer, the official said.
That said, this wasn’t the first case of a server at an institution affiliated with the Ministry of Science and ICT being used to mine cryptocurrency. In February, a student at a research institute in Ulsan got caught three days after he installed mining software in the institute’s computer room.
The ministry has ordered all 63 of its affiliated institutions to check their servers and strengthen their security protocols regarding contractors. The ministry plans to launch a secondary investigation after receiving the reports of the affiliated institutions’ internal checks.
Unsurprisingly, the incident has led to calls for better security practices at government-affiliated institutions.
Secretly using somebody else’s server to mine cryptocurrency is called “cryptojacking.” Since mining crypto could use up most of your computer’s CPU, crytojacking may render your system useless for concurrently doing anything else. A computer industry official told Maeil Business Newspaper, however, that cryptojacking is growing more sophisticated. Now, for instance, programs can adjust CPU usage so that unless you’re monitoring your computer in real time, you might never know there’s a mining program on it.