It’s not just data breaches and ransomware these days. It might be theft of computing cycles, or just plain “borrowing” physical servers.
Darktrace’s CEO gave an instance of a particular case where a junior staff at an Italian Bank [name withheld] stole servers that he ordered for on behalf of the bank. According to Eagan, the staff stole 12 such servers and stashed them under the floorboards in the data center of the bank where he had set up his own private mining facility. The staff avoided detection for a while but was caught when someone discovered unusual network connections originating from the bank and communicating with crypto mining servers.
There’s a lot of value in just using someone else’s computer to mine bitcoin and other cryptocurrencies. Why bother doing something obvious that draws attention when you could maybe use up power and memory for months without being noticed?