In recent times, ransomware like WannaCry and Petya have infiltrated thousands of computers across the globe, crippled operations of at least a handful of enterprises and government agencies, and have so far proved to be an intractable problem. Their primary targets have been systems running unpatched versions of the Windows Operating System.
Consumers and enterprises, alike, have started becoming vigilant of these threats and are trying their level best to keep their systems and devices protected. However, there still exists a danger that is looming large on the horizon and that is “IoT ransomware”. So far, not enough consideration has been given to the same, both by experts and users.
IoT ransomware: A deep dive
Ransomware is a malware that encrypts the victim’s files and renders them unusable until a ransom, usually in the form of bitcoins, is paid. The attackers take advantage of the fact that personal devices and systems hold critical data of individuals as well as organizations which the owners would want to retrieve at all costs. They bet in favour of the data owners succumbing to their demand due to either criticality of data or time constraints or both. So far, this extortion virus, has majorly been impacting computing devices like desktops, laptops and smartphones thereby halting an overall workflow. But with IoT devices, this can take an all new shape and form which can potentially be far more devastating than what we have seen so far.
When an IOT device is compromised through ransomware, its functionality is altered, to perform differently from the desired state. For example, in a connected home environment, a Nest Thermometer could be hijacked so that it jacks up the room temperature to unbearable levels, and if you are at home you are forced to get out or if you are out vacationing, you will return to shocking electricity bills.
In an industrial scenario, there could be general chaos created by the hijacking of power grids, traffic signals, production lines, pumping stations, and so on, which could lead to disruption of civil life and even loss of lives.
As the Internet of Things penetrates deeper into our home and office environment, the impact of ransomware attack will only be more damaging.
Tackling IoT ransomware
The simplest way to tackle the IoT ransomware threat is to try and apply the same kind of controls that you would on a device like a laptop. This holds true for both organizations and manufacturers alike.
For enterprises, it is important to adopt, implement and use all the safety measures recommended by the manufacturer, and continuously install the patches they offer. Further, some general safety points to be kept in mind include:
- Devices should be secured with network perimeter firewalls. There are generic firewalls and some IOT specific firewalls available for this.
- Manage the devices effectively; ensure end to end visibility and monitoring of all devices, preferably using ‘single-pane-of-glass’ monitoring
- Ensure that unused or even rogue devices are promptly detected and taken down
- Automate patch management and security updates
- Change default factory-set passwords and keep changing them periodically.
Additionally, establish a process of remotely upgrading firmware, have a reliable authentication mechanism and a safe security certificate life-cycle management.
IOT ransomware attacks can be devastating in their full-blown form; and the timely awareness, detection and sealing of security vulnerabilities in these devices is very critical. IOT devices present a different set of challenges from laptops and computers, but with diligence and safety consciousness, the attacks can be prevented or mitigated.
Experience the best-in-class solutions offered by Seqrite