Cybersecurity specialists with Intel Security have found and demonstrated how vulnerabilities in everyday connected devices allow hackers to take control and hold entire aspects of your life for ransom.
Ransomware is one of the top cyber threats of 2016. The cybercriminal tricks an unsuspecting victim into opening a malicious file or clicking on a link that causes their computer, tablet or smartphone to become infected with the specific type of software (malware) that encrypts all the data stored on the device. These cybercriminals then hold your systems hostage until you pay their ransom to unlock the files. Ransoms range from a few hundred dollars into the thousands, depending on the victim.
Ransomware can also install malware that steals your company’s data. The most immediate impact is the downtime to your business as you are no longer able to access data, use your systems, or perform basic functionality while your infrastructure is locked down.
As technology advances and more devices are connected, the potential for these cybercriminals to target other systems such as vehicle systems, home automation systems, mobile devices becomes much greater. When cybercriminals start targeting homes and vehicles, the threat becomes less of an annoyance and a much more potentially dangerous situation.
Raj Samani, CTO EMEA at Intel Security, stated that researchers at Intel Security recently discovered a vulnerability in the infotainment system of a connected car from one manufacturer, which could allow criminals to install malware on the vehicle’s systems by putting it on an SD card and loading that into the infotainment system.
This attack was demonstrated by having the malware play a single song over and over again. Samani also went on to say that people may choose to not pay when it comes to their files, but when they can’t get their car out of their driveway, then they will pay. This is a real possibility as there is no clear separation between a vehicles engine control unit and other systems, so hackers could easier affect any system in the vehicle.
Intel Security also demonstrated how easy it would be to infect home systems by demonstrating on a standard router from amazon that sold over 100,000 units. All routers ship with default login credentials, and cyber attackers could easily connect to these devices using Shodan, the search engine for connected IoT devices and infect them with ransomware or other types of malware. Hackers would gain control over home automation systems and alarm systems.
Ransomware can be prevented by keeping your malware & antivirus solutions updated and most importantly spreading awareness, and ensuring people don’t fall for the scams.