Cryptocurrency mining equipment was clandestinely installed and operated within the Supreme Administrative Court (NSA) in Warsaw, raising concerns not only about electricity theft but also about security breaches.
The illegal mining rigs, which are energy-intensive, were concealed in the building’s air ducts and went unnoticed until an employee spotted them, leading to the termination of the service contract with the building’s maintenance firm.
Warsaw investigators are currently probing the incident to determine the full scope of the issue.
Unofficial sources reported that the mining rigs were equipped with their own internet modems, suggesting they didn’t rely on the court’s network, which according to NASK (the National Research Institute) experts, minimized the risk to the NSA’s network and infrastructure. However, the existence of remotely controlled computer equipment within the NSA building raises potential risks for wireless network attacks or threats to network users.
NASK experts emphasized that the main concern is the physical security of the premises, highlighting the serious issue of unauthorized devices operating within the court. Such instances are rare in public institutions, with occurrences numbering in the single digits annually. It’s noted that businesses and public entities seldom report these incidents, possibly due to the reluctance to involve law enforcement.
Cryptocurrency mining on official equipment is not isolated to courts; similar incidents have occurred within the police headquarters where a civilian IT worker was caught mining in July 2021 and subsequently dismissed. Another mining operation was uncovered at a police school, which is also under investigation.
While the theft of electricity is a tangible offense in such crimes, cybersecurity poses a more nuanced threat. External IT infrastructures, like mining rigs, can disrupt proper data processing and pose physical dangers, such as fire risks due to their illegal and clandestine nature.
The prosecutor suggested that while the installation of mining rigs is not inherently complex, the challenge lies in preventing such installations. He recommended that companies and institutions implement preventative procedures, although he acknowledged that no system can offer absolute protection since human error is often the weakest security link.
Michał Grzybkowski, a data center founder and cryptocurrency author, explained that mining involves solving mathematical calculations to earn cryptocurrencies. He noted that the scale of electricity theft can be determined by comparing energy bills over time, where a significant unexplained increase could indicate the presence of an illegal mining operation.
The expert also described the competitive nature of cryptocurrency mining, where miners join forces in pools to increase their chances of earning rewards, which are then shared based on each member’s computational contribution to the mining process.