The Threat of Ransomware to IoT
Ransomware users are searching for low-hanging fruit, and there's no fruit lower than IoT. See the state of IoT security and some advice to prevent attacks.
For the last few years, ransomware has been a growing threat. In most cases, this malware prevents users from accessing their data or important resources on their computers until a ransom is paid. While the most sophisticated criminals ask for payment in bitcoins, lower-level hackers have been known to ask for everything from prepaid credit cards to iTunes gift cards.
While thousands of individuals and businesses have been hit by ransomware — some businesses are actually attacked several times every day — hackers are beginning to set their sights on an even larger target: the Internet of Things. The simple fact that there are so many devices coming online now, and most are not adequately secured, has made the IoT a very attractive attack surface. But instead of simply costing the victims money (and in most cases, not a lot of money), ransomware attacks on the IoT have the potential to be deadly.
The Reality of IoT Ransomware
When most people think about the IoT, they think about their smart appliances. The typical home has at least one connected device in it, be it a thermostat, a television, or an appliance. Given that perception, it might be easy to dismiss the idea of a ransomware attack as harmless. After all, it’s rather unlikely that a hacker will be all that interested in preventing you from accessing your refrigerator or coffee maker.
The thing is, though, that the IoT extends well beyond household appliances. Everything from urban transportation systems to medical equipment to utilities and even our cars are connected to the Internet. Should any of these systems be locked down due to ransomware, the consequences could be dire.
We’ve actually already seen one ransomware attack on the San Francisco Municipal Transportation Authority late last year. Over Thanksgiving weekend, hackers locked more than 2,000 computers in the SFMTA system, and demanded 100 bitcoins (about $73,000) in ransom to provide the encryption key. In the meantime, the downed network meant that all the rail system’s payment terminals were down, and would not accept any payments from riders. So, while residents and visitors received free rail rides all weekend, the city lost more than a million dollars in revenue. City officials never revealed how they solved the problem and got the network back online (many suspect they simply paid the ransom) but the attack made it very clear that the IoT is in danger from nefarious individuals.
In the end, the major victim of the SFMTA attack was the city, which lost revenue. No one was injured, and riders were actually relieved to have a reprieve from fares for a few days. Experts note, though, that not all IoT ransomware will be as comparatively innocuous. For example, in 2003, a major electrical blackout in the northeast caused more than $6 billion in damage — and that wasn’t even the result of hackers.
Imagine the damage that an intentional attack on the electrical grid or other utilities could cause. Hackers could conceivably shut down entire cities, cause major vehicle accidents, or even put the lives of hospital patients in danger if they were to prevent access to computer networks and data.
Protecting the IoT From Attacks
Given what has already happened in terms of ransomware and the IoT, the question isn’t one of if IoT networks will be attacked, but when they will be attacked and what the consequences will be.
For most consumers, the threat is insignificant because, as of right now, there is no evidence that the payoff for attacking consumer devices is there. Even so, consumers need to remain vigilant and take steps to harden their devices as much as possible (changing administrative passwords, protecting the network with strong anti-malware protections, etc.).
However, the industrial IoT is at immediate risk of a ransomware attack, because the payoff is much more valuable. The threat is real, and therefore protections need to be more robust. This might include regular firmware updates to close security vulnerabilities, strong authentication mechanisms to avoid spoofing, and strong network security protocols.
Protecting the IoT from all attacks, including ransomware, is going to become a more urgent priority as hackers find new ways to reach valuable targets. By understanding the threat, and taking steps to protect against it, you can prevent major losses — and even, perhaps, major tragedy.