Ransomware targeting the IoT devices have been the weapon of choice for most ransomware operators. As these security threats are real, it is high time that we understand the vulnerability of IoT devices…
The Internet of Things (IoT) have always been one of the emerging technology of this decade. According to Frost & Sullivan, the Internet of Things is expected to grow to $79.3 billion in Asia Pacific by the year 2020. With such huge business and growth rate of this magnitude, one can only imagine the wider security implications if there are IoT ransomware attacks on business enterprises.
If you have followed the news on cyber-crime and security, then you would have known about the risks of ransomware. While it’s obvious that ransomware is already a security issue, it has evolved not just attacking computer networks but also against Internet of things devices. The reality is that ransomware continue to proliferate digital home appliances, cars in which ransomware coders have exploited the security vulnerabilities in IoT systems. Security experts globally have already raised concerns over the convergence of ransomware and IoT based attacks. So, what are its implications for all of us?
First of all, we need to understand the modus-operandi of the ransomware operators. Ransomware basically is about targeting crucial files in computers of individual or business users which are critical for business operations. Once the business data is encrypted, the ransomware operators demand cryptocurrency (usually Bitcoin) from organizations in order to decrypt the critical files. So, how does targeting IoT devices instead of mission critical data of businesses help the ransomware operators? To understand this malicious concept, we need to understand that certain devices that are based on IoT are indeed critical to business operations and disabling them is a big loss for the organizations. As Internet of things becomes more complex and widespread, it’s quite obvious that the potential targets for the ransomware operators also increases. So the logic here is that — along with the individual victim’s or organizational data — ransomware operators also compromise the data collected through a device’s sensors by hijacking the IoT devices. Hence, organizations will find their critical device’s physical functions disabled in addition to their crucial data encrypted by the ransomware operators. This implies that organizations that are not capable to retrieve the encrypted data and enable their mission critical devices functional in a IoT based system will end up paying the ransom or be prepared for the business loss. One can also imagine the loss if ransomware operators target the self-driven cars in advanced countries where the victim is faced with the life and death situation!
Again, these attacks can be minimized with adaptation of emerging security technologies and IoT device vendors and other partners in the eco-system working out the security bugs in their products and solutions. So, the solution lies in integration of security in IoT based system and ensuring that for each simulated and real-time malware attacks — there are counter measures that neutralizes the threat. But this is a huge challenge to the whole of IoT Industry and other players in the eco-system.
The onus is on the CIOs/CISOs/CTOs to ensure that their team is responsible for the security issues in IoT devices and other sub-systems before the procurement process and deployment of IoT systems. The security team that are responsible for the IoT devices should assess the security of each and every device by testing whether the default access parameters can be easily changed by its end users. For example, it’s crucial for the security team to examine IoT-enabled devices such as the Internet-enabled cameras that made up the Mirai botnet. This is because the manufacturers of these Internet-enabled cameras never thought of giving the end-users the option to change their password.
One key factor that is crucial for the security of IoT based system is the concern of insecure protocols. One must disable the insecure protocols and avoid using them. This is because as some manufacturers fail to invest in secure protocols these IoT based devices does not use secure protocols. Currently, there is no such thing as global Industry standards for secure IoT based devices. Hence, it is the responsibility of buyers to ensure that their IoT based devices are secure. To illustrate this point further, last year it was reported that there was several vulnerable webcams that shared real-time videos without the need of password for authentication.
One of the key security assessment in IoT based devices is the need for evaluation of recovery process. For instance, several IoT based devices can be reset to original settings by the usage of factory reset option with a single click and some of them can be reset with the help of manufacturers. What is alarming is the fact that some of these IoT based devices lack the recovery option and hence if they are compromised, the end-users are forced to pay the ransom. So the security assessment should figure out the recovery process of their IoT devices in case if they are compromised by the ransomware operators.