Last year, the number of new ransomware modifications increased 11-fold, from 2,900 in Q1 to around 32,000 in Q3, according to Kaspersky Security Bulletin 2016. The astronomical increase begs the question of what’s the impact when ransomware starts to take over Internet of Things (IoT) devices which is also expanding at a rapid rate. The ransomware phenomena has even led Kaspersky to declare the year 2016 as the year of ransomware, mainly due to the huge number of high-profile cases covered by mainstream media.
One Texas police unit lost 8 years of documents, photos, and videos when a ransomware attack corrupted files on its server, reported Dark Reading, one of the most widely-read cyber security news sites on the web. A hospital in Ottawa, Canada could not access almost 10,000 computers because certain employees had managed to infect the hospital network by clicking on email attachments containing ransomware. Dave Winston, chief for the Circle Sport-Leavine Family Racing, was advised by FBI to pay ransomware after a message appeared on the screen of his computer, stating, “All important files have been encrypted.”
These cases illustrate one important thing: there is now a new breed of highly sophisticated cyber criminals who are attracted by the huge financial gains made possible by highly targeted ransomware attacks. “These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers,” said FBI Cyber Division Assistant Director James Trainor.
Ransomware in the era of the Internet of Things
According to IHS, there are currently approximately 20 billion Internet of Things (IoT) devices. Statista, an online statistics, market research, and business intelligence portal, predicts that this number will grow to 50 billion by 2020, with annual revenues for IoT vendors exceeding $470 billion.
Today, Internet of Things are being adopted across a wide variety of industries, including manufacturing, distribution, supply chain management, marketing, healthcare, financial services, state and local government, energy, and many others. Some of the most significant advantages of the IoT include decreased costs, reduced errors, increased productivity, access to more information, better decision-making, and new business opportunities, just to name a few.
But with these benefits also come some far-reaching threats. “If you’ve paid attention to major news stories about companies being hacked, identities stolen, and even app-connected cars being hijacked, you’ll understand digitally-connected things have definite security risks,” writes Atlantic BT, a technology consultancy with over 18 years of industry experience.
So far, attackers have been using mostly a type of cyber-attack known as a denial of service (DDoS). For example, an unnamed IoT malware strain flooded the DNS server of an unspecified University located in the United States. Stephen Gates, chief research intelligence analyst at NSFOCUS, said, “On the surface, this appears to be more of a prank than a sophisticated denial of service attack. However, this proves that large-scale IoT takeovers are possible and should be a wake-up call to those who manage networks rife with insecure IoT devices.”
It seems that it’s only a matter of time before cyber criminals take critical infrastructure hostage using ransomware, potentially placing hundreds of thousands of people at risk. Just remember the 2016 hack of Ukraine’s power grid, which left more than 230,000 residents in the dark. “Medical devices that monitor and control human systems—including pacemakers, insulin pumps, and nerve stimulators—are all becoming Internet enabled. Unethical attackers will see these medical devices as the next step in their journey beyond hospital ransomware attacks,” states the McAfee Labs 2017 Threat Predictions Report.
What makes this new wave of ransomware attacks so dangerous is the fact that the affected system cannot be restored to a working order simply by performing a hardware reset. When cybercriminals compromised the four-star Austrian hotel Romantik Seehotel Jaegerwirt and managed to gain control over its electronic key system, the hotel management temporarily shut down the infected system and got rid of the ransomware.
Fortunately, the IT industry seems to be awakening to the growing threat presented by IoT devices vulnerable to ransomware attacks. A recent report by Cato Networks titled Top Networking and Security Challenges in the Enterprise states that 50% of IT staff and more than 70% of CIOs see defending against ransomware as their number one priority for 2017.