IoT is an invitation to ransomware
The Internet of Things offers many potential advantages—and one huge disadvantage: It will cause ransomware attacks to spike.
The first significant exploitation of IoT devices by malicious parties took place this past year with the Mirai malware. Devices were recruited to form a botnet that was used for large-scale denial-of-service attacks.
This type of ransomware attack is somewhat different from the more conventional type that encrypts data and locks the user out of their system. In these instances, backup restores and system reimaging may allow the user to regain control of the system.
With IoT ransomware, the attacker’s goal is to prevent the victim from controlling a device and the function it provides.
Imagine that it’s winter and you’re locked out of your home thermostat when it’s 10 degrees Fahrenheit outside. The homeowners’ instinct will be to figure out how to pay the ransomware and get back control before they freeze. Now imagine that this same scenario plays out on a larger scale, like with the HVAC system of a corporate data center. What damage could an air conditioning shutdown do to the data center’s servers?
Similarly, widespread lockouts of IoT-based medical devices, such as pacemakers or drug infusion pumps, could have dire consequences.
All of these IoT devices have an embedded data gathering application, which communicates with other cloud-based applications and storage facilities. A cybercriminal can corrupt or encrypt data being sent to the cloud application in the same way that a computer system can be subverted to lock the device. As the number of IoT devices grows, so will the number of ransomware attacks that exploit their vulnerabilities. It is no secret that these devices have default credentials, use insecure configurations and are notoriously difficult to upgrade. This makes them inviting targets.
In addition, very low-level protocol hacks like KRACK will give attackers new ways to bypass and compromise a large-scale IoT infrastructure, such as a building’s HVAC system. Accessing the protocol may give the perpetrator the ability to inject or manipulate data to alter the device network’s function.
Here are a few recommendations for safely deploying IoT devices:
- Secure the software: Cybersecurity professionals need to ensure that the software provided by the device manufacturer is robust and secure.
- Secure the hardware: Physical security goes hand-in-hand with software security, and tamper-proofing measures should be integrated into all device components to prevent them from begin accessed and decoded without permission. Consider adding switches or breakers that allow the user to physically turn off certain features; for example, a mute button for devices with microphones, or hard upper and lower setting limits for temperature controls.
- Secure the network: Verify that secure protocols like HTTPS are being used for the data exchanges between an IoT device and any backend management or storage systems. Replace any default credentials with stronger passwords or keys.
These basic security precautions will help defend against IoT ransomware attacks. At the end of the day, it is important to treat IoT devices like any other IT system that is being deployed and to secure these devices as you would any other device.