Intel and Microsoft are collaborating on a new project to help enterprise and small business customers avoid security issues that may involve others using PCs on your network to mine cryptocurrencies, known as cryptojacking.
The protection will be built into Microsoft Defender for Endpoint on systems using 6th Gen or later Intel vPro and Intel Core processors. Specifically, it uses Intel Threat Detection Technology, or TDT to take advantage of the CPU for machine learning to detect cryptomining.
In a press release, Intel stated that the rise of cryptocurrencies in the mainstream and their increase in value means that “cybercriminals [will] shift their focus from ransomware to cryptojacking.” Intel claims that there was a 53% increase in mining malware attacks in the fourth quarter of 2020 compared to the quarter before it.
Cryptojacking, just like normal cryptomining, weighs heavily on a computer’s resources and sends the crypto back to a wallet. This could drastically slow a computer. Intel suggests some cryptojackers can also spread over a network, where large businesses could have hundreds or thousands of devices.
Intel’s TDT technology will use its machine learning and telemetry to “fingerprint” the suspicious activities, some of which it can offload to the integrated GPU. The cryptojacking threats will appear in Windows Defender to people using their devices, just like any other threat.
In a separate release, Microsoft’s Karthik Selvaraj, principal research manager on the Microsoft 365 Defender research team wrote that “[e]ven though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware.”
At the moment, this appears to only be available on 6th Gen or later Intel vPro (and some Core) platforms running Microsoft’s enterprise security suite. It’s unclear if there are plans to further expand the program to general users or other silicon.