Mining cryptocurrency at work lands Australian civil servant in court

A 33-year-old man from Sydney, New South Wales, could be sentenced to up to 10 years in jail after allegedly hijacking computers at his workplace to mine cryptocurrency for him.

He’s probably not the first person in the world to be tempted into trying that particular ruse, but what raises eyebrows on this occasion is that the man was an employee of the Australian government.

The Australian Federal Police (AFP) report that the IT worker took advantage of his position to take advantage of the unnamed federal government agency’s computer network to mine for cryptocurrency.

The man, from the Killara suburb of Sydney, is alleged to have made more than AU $9,000 (approximately US $6200) from the scheme before police searched his home in March, seizing a personal laptop, phone, employee ID cards, and data files.

Quite what alerted the authorities in the first place to the alleged crime is not clear, but it’s not beyond one’s imagination to consider that colleagues in the government department’s IT department might have spotted unauthorised code running on their network, or a much larger electricity bill than normal.

Clearly there are plenty of people who find it hard to resist abusing work computers to mine for cryptocurrency – either because they do not have enough computer power at home or don’t fancy paying the bill for what might be a fairly significant amount of electricity.

It certainly wouldn’t be the first time that workers have found themselves in hot water for stealing resources to mine for cryptocurrency.

For instance, last year Russian scientists working at a top-secret nuclear warhead facility were alleged to have used the power of one of the country’s most powerful supercomputers to mine Bitcoins.

More recently, a Chinese man was sentenced to three and a half years in jail after stealing electricity from a train station to power around-the-clock a Bitcoin mining rig comprising 50 computers and three electric fans.

In another case, a Taiwanese man was arrested after being suspected of stealing over US $3 million worth of electricity to power his Bitcoin and Ethereum mining rig. According to reports, the suspect opened 17 business premises posing as toy shops and internet cafes to hide the alleged cryptomining operations, and it was only when the power company noticed irregularities in the electricity supply that police investigated.

Using computers without authorisation to mine for cryptocurrency isn’t just a problem of not asking your boss’s permission, or stealing electricity. It’s also a security risk.

Installing cryptomining software onto a computer whose primary purpose is to perform another task opens the system up to potential problems. Even before you consider the possibility that malware or vulnerabilities may be introduced onto a computer, there is also the risk of incompatibilities and bugs that may cause systems to stop operating properly.

“Australian taxpayers put their trust in public officials to perform vital roles for our community with the utmost integrity,” said the AFP’s Chris Holdsmid. “Any alleged criminal conduct which betrays this trust for personal gain will be investigated and prosecuted.”

The unnamed man was scheduled to appear in Sydney Local Court today, in response to charges of unauthorised modification of data to cause impairment, and unauthorised modification of restricted data. The charges carry maximum penalties of ten and two years imprisonment, respectively.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Graham Cluley. Read the original post at: