IoT Devices Vulnerable to Ransomware Attacks

Yesterday, I wrote that Javvad Malik, security advocate at AlienVault, had three reasons for why the Internet of Things (IoT) is at risk for ransomware: the growth (and growing pains) of IoT, the evolution of ransomware, and end users who aren’t aware of the risks. I already covered the growing pains of IoT. Today, we’ll talk about the other two issues.

We know that ransomware is a big problem. A Dark Reading article called it the security industry’s “most feared vulnerability,” adding:

This sophistication and business savvy speaks to ransomware’s growth as an industry, and IT has had to take notice. A recent survey of IT professionals from around the globe found that more than 50 percent of IT staff and more than 70 percent of CIOs see defending against ransomware as their #1 priority for 2017.

Now, Malik pointed out to me, as connected devices increase in popularity, they become a more attractive target to hackers and cybercriminals, and since cybercriminals are turning to ransomware as their attack of choice, we have to anticipate that the bad guys will use it for IoT attacks. Malik added:

The likelihood of this risk and the ease of exploitation will depend on several factors, such as how widely used the devices are, whether they use default credentials or whether they have weak protocols. The other consideration is how easily a compromised smart device can be recovered if infected with ransomware (e.g., a simple reset vs. needing to track down impossible manufacturer codes).

Malik also believes that this evolution of ransomware to IoT will have a devastating effect that we don’t see with ransomware found on traditional devices. Right now, when ransomware hits a computer, it will only affect data on that device or network. However, he said:

With IoT, in addition to impacting the data within the devices, ransomware can render physical functions inaccessible. For example, ransomware that infects a smart thermostat can turn up the heat to full unless a ransom is paid. Looking forward, smart cars and even smart cities may be targeted – and while real-life attacks have not yet been seen, the impact of ransomware on such utilities can be truly life-threatening.

This leads to why Malik warns that end users have to beware the risks on IoT devices. We have to expect the risks from ransomware or other similar techniques used to hold smart devices ‘hostage’ will continue to rise. That corresponds with a recent study from Ponemon Institute that found, according to TechRepublic, that 81 percent of IoT apps aren’t tested for vulnerabilities. The devices are ripe for takeover by cybercriminals, which is why Malik advised:

As a result of this new threat landscape, it’s important for buyers to be more astute in their purchasing choices. Before buying and using a smart device, they should assess the risk of comprise, and evaluate how easy it is to harden the product (e.g., changing default credentials and disabling insecure protocols). They should also have recovery plans in place, so they are prepared in the event their device does become infected. After all, in a world where it’s no longer a question of if an attack will happen, but when, being able to rapidly detect and respond to it is the best approach to mitigate its impact.

Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba