A Chinese headmaster has been fired after secretly mining cryptocurrency using his school’s electricity supply, according to reports.
Hunan man Lei Hua had dismissed reports from teachers of excessive power consumption in the building as the fault of air conditioning units and heaters, according to the BBC.
However, when they found the eight cryptocurrency mining machines he had hooked up to the power supply, the game was up.
They reportedly ran up an electricity bill of 14,700 yuan (£1600) mining Ethereum 24 hours a day.
After laying out 10,000 yuan on just one mining machine and seeing the exorbitant electricity costs that resulted, Hua apparently decided to minimize his overheads by moving the operation to the school in summer 2017.
However, it not only ended up costing the school a fortune in energy bills but also reportedly overloaded the network, interfering with teaching.
Hua was fired last month, while his deputy, who tried to get in on the scheme by buying and plugging his own machine into the school computer room, was given an official warning.
The case highlights the impact of cryptocurrency mining on organizations, especially those whose servers may have been hijacked in cryptojacking attacks.
A Canadian university was forced to shut down its entire IT network recently after discovering the malware on its systems.
Those attacks are on the rise. McAfee revealed that coin mining malware detections rose 629% in the first quarter to more than 2.9 million samples, while Trend Micro reported a massive 956% increase between the first half of 2017 and the same period this year.
"Just like in this school, cryptomining operations could be running within your organization’s network — draining vast amounts of energy without your knowledge. IT teams need to be vigilant,” argued Barry Shteiman, VP of research and innovation at Exabeam.
“The best thing to do is look for anomalies in your electricity bill. You should also measure changes in your HVAC usage for heat dissipation, although this will be more difficult. Beyond that, look for sudden changes in capacity or usage, as well as significant deviations in pattern and velocity.”
He added that “entity analytics” tools could also be used to help spot the irregular network behavior indicative of a cryptomining attack.