Should We Be Worried About IoT Ransomware?

The first reported ransomware attack on Internet of Things (IoT) devices happened in 2017: Traffic cameras in Victoria were infected by WannaCry ransomware. The infection wasn’t the result of a targeted attack—the cameras were mistakenly connected to hardware that got infected—and there was minimal damage. But the incident illustrates that IoT devices, from smart TVs to pacemakers, are vulnerable. There hasn’t yet been a major security incident involving enterprise IoT, but cybersecurity company Venafi predicts that 2020 could be the year an entire IoT network is held for ransom.Is IoT Ransomware Really a Threat?During the past year, ransomware attacks have become more targeted, sophisticated, and expensive. Ransomware attacks have shut down medical centers, government agencies, educational institutions, and other organizations—downtime and data recovery for an infected organization costs thousands of dollars. It may be only a matter of time before attackers move from targeting organizations’ servers and workstations to targeting groups of IoT devices, according to AIthority. Although IoT devices can make our lives easier, these devices also tend to be among the highest areas of vulnerability in any IT network. IoT devices often operate on outdated software and legacy systems, and they have little to no built-in security. Additionally, they are increasingly used to collect, store, and transfer data. And they’re another entry point from which attackers could gain access to sensitive data elsewhere on an IT network.How Would IoT Ransomware Differ from Classic Ransomware? Although hackers could use IoT devices as an entry point in a classic ransomware attack, the end game strategy would likely be quite different. During a classic ransomware attack, cybercriminals rely on vulnerabilities to gain access to the greater IT network. Once inside, they locate critical data and encrypt it on a massive scale, demanding a ransom to regain access. Alternatively, IoT ransomware attacks would depend on locking, shutting down, or damaging the device itself—at precisely the right time—to demand a hefty ransom. Simplicity and financial gain are the primary motivators in any ransomware attack; cybercriminals would have little use for the data stored on your refrigerator. Instead, they’ll aim to lock your devices in a damaging, annoying, or threatening way. [caption id="attachment_29772" align="alignright" width="300"] Photo by Bence Boros on Unsplash[/caption] Hackers could incessantly turn your home lights on and off, or lock the thermostat at an extreme temperature until you pay a ransom. Or it could prevent your vehicle from being drivable until you’ve paid up. Or, more dangerous, an insulin pump or other medical device could be hacked. As Silex malware proved last year and many white hat hackers have been demonstrating for years, stopping or locking IoT devices is very possible. The UK is leading the way in improving cybersecurity for consumers with codes and regulations for manufacturers of IoT devices. Ideally, other governments will follow suit. Until then, it’s important to stay educated on the security risks associated with IoT device usage for prevention and protection purposes.