- Pizza Hut and Papa John’s employees pranked into talking to each other on the phone 3 Years Ago
- Twitter bullies brought Jordan Peterson to tears 3 Years Ago
- 25 last-minute Halloween costumes for those with no time to shop Today 1:30 PM
- Krassensteins return to Twitter and are immediately suspended Today 1:01 PM
- Tom Brady insists he didn’t parody Robert Kraft in ‘Living with Yourself’ cameo Today 12:52 PM
- Black security guard fired for telling student not to call him the N-word Today 12:38 PM
- How Watchmen’s Bass Reeves cameo ties into the original comic Today 12:34 PM
- Todrick Hall’s former assistant blasts him for abuse, non-payment, dissing Taylor Swift Today 12:32 PM
- Maggie Rogers calls out catcaller at Austin concert Today 12:12 PM
- Netflix’s ‘Unnatural Selection’ breaks down the pros and cons of biohacking Today 11:52 AM
- Did Trump flip off astronauts from the all-women spacewalk? Today 11:45 AM
- Report: Mark Zuckerberg advised Pete Buttigieg on campaign hires Today 10:29 AM
- ‘New Girl’ star Lamorne Morris handcuffed by white cop for recording his friend’s arrest Today 10:25 AM
- Mitt Romney, aka ‘Pierre Delecto,’ uses a fake account to lurk on Twitter Today 10:20 AM
- ‘The Laundromat’ sacrifices narrative for artistic experimentation Today 9:24 AM
Since the beginning of the year, several distributed denial-of-service (DDoS) attacks warned of the mounting threat of Internet of Things botnets. But absent a firm response from the tech industry and governments, the attacks grew in size and frequency, culminating in the late October DDoS attack against Dyn, which resulted in millions of people in the U.S. and across the world losing access to major websites.
The recent attack against the San Francisco Municipal Transportation Authority (SFMTA) might be the precursor to the next wave of ransomware attacks that will target the Internet of Things and Industrial Control Systems (ICS). Are we ready to face it?
What was significant about the SFMTA attack?
Ransomware is a kind of malware that locks vital digital resources and forces the owner to pay a ransom to the attackers in order to regain access to them. The most prevalent form of the malware is cryptoransomware, a virus that encrypts your files and sells you the decryption key, usually in bitcoins.
The SFMTA attack was a shift from the traditional ransomware attack in that it targeted functionality: The system wouldn’t take passengers’ money. SFMTA was forced to turn off its payment machines and give free rides to passengers until the system was restored to normal.
With the fast growth of the Internet of Things, anything and everything is becoming connected to the internet, making them potential targets. Many of these systems are aging and weren’t initially designed for the hostile nature of an internet environment. Even new devices being manufactured and shipped to the market are in large part riddled with security holes that are hard—and sometimes impossible—to fix, and connecting them will introduce new attack vectors for hackers to exploit.
What to expect from IoT ransomware attacks?
Even though it’s fair to say that, aside from a few days’ worth of revenue, SF Muni and the city weren’t very badly affected, the attack gives a good portrayal of what IoT-based ransomware attacks will look like.
What’s important is that IoT is effectively expanding the reach of the internet to the physical world, which creates a whole new range of cyberthreats that can be much more critical than some jerk hacking into your email or stealing your private data.
For the most part, expect the attacks to be focused on targets that conduct critical and costly tasks and cannot afford disruption in their ongoing operations, even briefly.
For instance, if a dark actor compromises the IoT systems of a hospital, the health and lives of patients will be at risk, and the target will be more likely to pay out because the ransom will pale in comparison to the life of a surgery patient.
Manufacturing plants where suspension of activity will cause a substantial drop in productivity can become targets of IoT ransomware attacks as well. These types of targets will be more incentivized to fork over the ransom rather than investigate and root out the malware.
After SF Muni, there’s already speculation over the target and damage of the next transit hack, such as critical infrastructure.
City power grids, for example, can also become an attractive target. The $6 billion damage that the 2003 Northeast U.S. blackout left in its wake show how devastating power failure can be. And last year’s hack of Ukraine’s electricity network showed that attacks against power grids are possible. Though that particular attack was politically motivated, there’s no reason why the same scheme can’t be used to extort money from the victims.
You could be a target, too
A proof-of-concept attack against a brand of connected thermostats gave insights into how ransomware attacks against smart homes might take place. In a hypothetical attack, hackers could take control of your thermostat while you’re away on vacation and threaten to lock it on a high degree unless you pay the requested ransom. Not having direct access to the appliance will leave you with few options.
Intel Security’s senior vice president, Chris Young, shed light on the matter in an interview with Bloomberg, in which he laid out a scenario where hackers take over an internet-connected car and ask the driver to pay a ransom in order to be able to drive to work.
While these scenarios might sound funny at the moment, with connectivity encroaching over homes, offices, vehicles, and everything else, the possibility that soon consumers will also become targets of IoT ransomware attacks is not far-fetched.
What needs to be done?
The signs are clear that IoT-based attacks will grow worse in the coming months. However, there are ways that the IoT security mess can be fixed. It will require the involvement and contribution of everyone involved, including manufacturers, service providers, the government, and consumers themselves.
The tech community failed to contain the recent wave of DDoS attacks in time. Will it succeed to prevent the tsunami of IoT ransomware attacks rising up on the horizon?
Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.