The recent surge in cryptocurrency (e.g., Bitcoin and Ethereum) values has fueled a sharp increase in incidents involving cryptocurrency mining at Stanford. Cryptocurrency mining allows “miners” to earn financial rewards for validating cryptocurrency transactions. Michael Duff, the university's chief information security officer, explained that “Cryptocurrency mining is most lucrative when computing costs are minimized, which unfortunately has led to compromised systems, misused university computing equipment, and personally owned mining devices using campus power.”
Per university policy, Stanford resources must not be used for personal financial gain. As such, community members are prohibited from using university resources (including computing equipment, network services, and electricity) for cryptocurrency mining activities outside of faculty sanctioned research and course work. Below are some of the applicable policies:
- Research Policy Handbook, Sections 4.1(2)(B) and 10.6(4)(B)(2).
- Stanford Housing Residence Agreement — Entrepreneurial Enterprises Section.
- University Code of Conduct — Administrative Guide Memo 1.1.1: Section 8.
- Unrelated Business Activity — Administrative Guide Memo 1.3.5: All sections.
- Computer and Network Usage Policy — Administrative Guide Memo 6.2.1: Sections 2 and 5.
- Fundamental Standard — Violation of university policy, Theft of property or services, and Computer violations.
To reduce the risk of your systems being commandeered, this is also a reminder to apply software patches on a regular basis. For more secure computing tips, see our Security Guide top 10 list.
Questions regarding mining activities can be submitted to the Information Security Office via a Help request.
To read more about cryptocurrency and mining, see Cryptocurrency at Wikipedia.