With the skyrocketing prices of cryptocurrencies like Bitcoin and Ethereum nowadays, some people have resorted to malicious activities in order to earn more - and tech giants Intel and Microsoft have teamed up to stop cryptojacking in its tracks.
Cryptojacking refers to the darker, malicious side of cryptomining - sending and proliferating malware that uses the victim's resources to mine cryptocurrencies on the attackers' behalf. It has targeted both business networks and personal devices - laptops, mobile phones, and tablets.
Last April 26, Intel announced that its Threat Detection Technology (Intel TDT) will have a new feature unlocked under Microsoft Defender for Endpoint. Beyond its existing accelerated memory scanning capabilities, TDT will see the activation of central processing unit (CPU) based cryptomining machine learning detection. The move is expected to accelerate endpoint detection and response against cryptojacking for millions of customers without adding burden to their devices or compromising the experience in the process.
Expanding Defensive Capabilities in the Cryptocurrency Age
"This is a true inflection point for the security industry as well as our SMB, mid-market and enterprise customers that have rapidly adopted Windows 10 with built-in endpoint protections," said Michael Nordquist, senior director of Strategic Planning and Architecture in the Intel Business Client Group, in a statement. "Customers who choose Intel vPro® with the exclusive Intel® Hardware Shield now gain full-stack visibility to detect threats out of the box with no need for IT configuration. The scale of this CPU-based threat detection rollout across customer systems is unmatched and helps close gaps in corporate defenses."
Intel TDT is part of the brand's Hardware Shield and its suite of capabilities on the Intel vPro® and Intel® Core™ platforms that power endpoint detection and response solutions.
"Intel is unlocking capabilities in its system on a chip that fundamentally change the rules of the game," says Frank Dickson, IDC Security and Trust program vice president. He adds that the chip-level telemetry and functionality enable the chips' compute platform to take a more active role in defense against these "above-the-OS" attacks, as is the case with cryptojacking malware.
Regarding the importance of this collaboration between Intel and Microsoft, Intel cited a previous report stressing that about 5,400 different cryptocurrencies have been traded with an equivalent market capitalization of more than 200 billion dollars. Since then, the use of these virtual currencies has been steadily growing, finding mainstream use for wireless transactions worldwide.
How Intel TDT Works
Intel TDT supports endpoint security solutions in harnessing CPU telemetry and hardware acceleration to detect suspicious activity. The threat detection technology employs both CPU telemetry and machine learning heuristics in identifying anomalous behavior.
With this technology in place, supported Intel chips' CPU performance monitoring unit (PMU) stays beneath the usual applications, the OS, and other virtualized layers to observe the existence of active threats across all layers of the stack.
When Intel TDT finds a high-fidelity (Hi-Fi) signal, it sets a remediation workflow in motion. This helps the infected PC mitigate the threat and prevent lateral movement across the network.
Published on Tech Times.