This article tries to be an eye-opener for a security aspect that should get more attention: watching the electrical power consumption of your computers! If you start reading this article and it does not sound security-related, just have a little patience and be assured: it is.
In some countries, the costs of electricity are much lower than in others - nevertheless, no one should forget about saving energy. Did you ever try to monitor how much electrical energy your computer consumes? Don't rely on what some manufacturer tells you, try it out!
You would need a simple energy monitor for this. An energy monitor is a simple inexpensive (ca. 20 US$) device that you plug into a power outlet and then connect your device to it so that the electricity flows right through it and can be measured and monitored.
Ok, you don't have one right now? Well, let me tell what I learned by using mine.
I connected my pretty standard office machine, a desktop computer with a Corei5 CPU and integrated graphics to it.
As soon as the machine is plugged in (it is NOT turned on yet), it is consuming power! This is what a computer calls soft-off, the machine is down, but the power supply is still switched on - the normal "off-state" for maybe 99% of machines world wide. It consumes about 2 Watts just by doing nothing. Is that a lot? Let's see: roughly how many hours is it "off" per year? Lets assume 130 hours per week. 130 hours x 52 weeks x 2 Watts is roughly 14 kWh. Using the energy costs in Germany (about 0.35 US$/kWh) , that sums up to at least 5 US$ per year.
I will not try to explain why that machine is consuming energy even though it is shut down. Just take it for granted that many computer models do this.
Let's continue to look at the electrical consumption when it's on. Just working here, the computer hardly uses its full power. Usually the CPU will be mostly idle and the machine will consume a little less than 30 Watts - a pretty normal value for an office computer. Let's quickly calculate the costs for using it 40 hours a week for a year: That's about 60 kWh or 20 US$ per year. Together with "Off-consumption", that would mean energy costs of 25 US$ per year. I think we will agree that this (although it will add up if you have many machines) still does not sound like much.
Now let's assume my machine is used for a scientific experiment, a mathematical simulation. All its power will be needed, the CPU would be on for weeks, the graphics processing unit (GPU) as well and I would have to leave it on for a whole year 24/7. How much would that cost? Any estimations? You would need numbers first. My machine uses an additional 40 Watts if the CPU is fully used and another 30 if the GPU is fully used as well, so that would total about 100 Watts. Using it 24/7 for a whole year would mean almost 900 kWh or around 300 US$ of pricey German electricity! OK, you might live in a country where a kWh is about one third of this, but still I think you agree that it matters.
Now think of some overpowered monster gaming machine... What would that thing consume? No idea? Please visit https://outervision.com/power-supply-calculator to get an idea. I could imagine some gamers are amongst our readers and those will know that using resources above 500 Watts is no problem at all for a gamer computer. I configured a machine with 750 Watts. If you used that one 24/7 for a whole year full throttle, you would have energy costs of about 2,250 US$! But hey, who would be that crazy? You as a parent would know how to stop your child from doing this. You would allow 2 hours a day, max, reducing that to a little less than 200 US$ per year per child ;-) ...still, with many children...
OK, it's time to make a leap and turn to what we came here for, not looking at what your computer costs you, but at what it is worth - to others!
For example, let's assume you like to use some news site and read it daily for about 10 minutes. However you tend not to close the site when finished but you rather just keep it open the whole day. Now imagine, some sneaky website programmer has implemented a little piece of code that makes your computer work for him. "Work for him?" Now what could that mean? It could mean, the code ("script") on that website runs on your computer and uses its computational powers for his interests. To use just a pretty obvious example that could be bitcoin mining.
Let's say that sneaky script would add just 20 percent to your computer's daily energy consumption, an amount that would barely activate the cooling fans. What did I say my machine machine consumes per year when on, 20 US$? What would that additional 20% mean, a lousy 4 US$, right? So why care? Let that script run if it likes, it's better than some silly reminder that I should please turn off my ad-blocker ;-) Seriously, webmasters are considering this approach instead of displaying advertisements for the future, some are already using it!
Ladies and gentlemen, we have just heard the 1st answer to our title's question: through that news site, your slim 9-to-5 office machine, the way you use it, is worth 4 US$ per year for your energy supplier and some unknown amount for that news site, since they will use that script for something beneficial (who knows, maybe bitcoins). How bitcoin mining pays off on non-specialized hardware is hard to say and depends on what energy costs your country has - you would expect it to be non-beneficial on a normal desktop computer (the costs for electricity will be higher than bitcoin revenues), so the news site will only benefit from it since they use your computer, not theirs.
The overpowered gaming rigs of your three sons, what about these? Do you think someone would even notice when they consumed a little more, if some sneaky code was added to those games or communication apps - someone other than you who has to pay the bill? Imagine they added 20% to their cost, each would mean an additional 40 US$ per year. Ok, what's that compared to the price of 1500 US$ you spent to buy such a machine for each one of them... still nothing, right?
But wait, who came up with the numbers "just 20 %", "just 2 hours" - me? Why not paint a much more sinister scenario? Let's assume these gaming machines are infected with a virus which wakes them at night (yes, machines can be easily told to turn on on their own at some point in time) and during 2 AM and 6 AM use all the power they have to mine for bitcoins! Is that scenario too far out for you or will you follow into one last calculation? That would mean 4 hours using up the full 750 Watts of the machine - each day, year by year, unnoticed. Costs per year? Around 400 US$ - per machine. What such a machine is worth for the guy controlling it at night? Easily several hundred bucks. Do you think these sums are a large-enough motivation for the bad guys to make this happen? I surely do.
We have reached the end of the article and I will try a conclusion without even having mentioned any technical counter measures. My conclusion goes: accept the fact that we live in a quite funny "cyber-time" and that this is no wild fantasy but it is slowly becoming reality. Bitcoin mining is done world wide and is consuming more electrical power than you can imagine and it has still not reached its peak. As of today, the daily power consumption for bitcoin mining is almost 190 giga Watt hours (!), equalling the power consumption of the whole of Switzerland, millions of people, creating a respectable amount of air pollution. At the same time, the revenues of bitcoin mining reach new heights every day and stand at nearly 5 billion US$ per year with an almost 8 billion without paying for the energy costs - your computers are possibly worth a lot more to these bad guys than you may think. To add another statistical fact about air pollution: if mining efforts continue to rise like they did in the first quarter of 2018, then by the end of the year, the carbon footprint will reach almost 70 Megatons of carbon dioxide. Well, is that much? Imagine you see an area of 80 square miles covered 6 foot high in smoke of a deadly CO2 concentration. That is roughly the area of Washington D.C.!
So what can you do about it? Invest some money in a new anti-virus solution? Please don't. Seriously, it would be wiser to buy an energy monitor and monitor your computer(s) for a week and see if the numbers add up to what you expect - and if they don't, learn how to examine what is going on or find someone who knows! Acknowledge that buying some switchable power strip pays off, after all, get them and do switch them off, at least at night!
I'll finish with a little sad-but-true joke: did you know that several network administrators lost their jobs or were even arrested because they were caught trying to "enslave" their own company's servers to do bitcoin mining during weekends and during night time? I guess there will be many more around not getting caught. So never underpay your admins :-)
Credits for many numbers I mentioned go to https://digiconomist.net/bitcoin-energy-consumption