Don’t leave the backdoor unlocked for Ransomware!

With the fast growth of Internet of Things, anything and everything is becoming connected to the internet.The rise of IoT brings huge advantage to businesses, consumers, and researchers in different sectors. Energy savings, enhanced health data, improved vehicle performance and accurate crash analysis are just some of the benefits of IoT technology.

IoT devices range from existing old devices like Surveillance cameras, home security cameras or DVR players to recent smart home devices like temperature control , smart locks , automated oven and many more. IoT devices have stepped into new era of starting to dominate in connected car markets for autonomous driving and vehicle to vehicle communication . The connected car devices will start responding to sensors based on STOP signals and Intelligent traffic routing and respond to proximity of cars to avoid collusion. The other trend where IoT devices are seen growing are in hospital and in Industrial Control System.

Given that IoT had predominantly occupying your home and car and eventually seeing and listening to you all the time, securing them against the hackers becomes absolutely essential.Leaving them unsecured is digital equivalent of leaving the back door unlocked. There are 5.5 million new things getting connected every day in 2016, as we head toward more than 20 billion by 2020, according to Gartner.

These attacks are not that we foresee that it will happen but it has started getting prevalent. We are already seeing some increased traction on Ransomware attacks on the IoT devices.Ransomware is a form of malware that targets your critical data and systems for the purpose of extortion. Some of the known ransomware such as Cryptowall and Locky are used to find and lock valuable files on targeted machines . To regain access, the victims will not have a choice other than forking over the ransom money or reinstall the system which eventually results in lose of data if not backed up. So the general landscape of Ransomware attacks so far was towards sensitive data that have financial values.The trend seem quite shifted quite a bit last year when Ransomware started targeting IoT devices ranging from surveillance camera, hotel doors to public transport system.

Hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras forcing major citywide reinstallation efforts to get the recording back to normal. Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network.The SFMTA attack was a shift from the traditional ransomware attack in that it targeted its functionality.The system wouldn’t take passengers’ money. SFMTA was forced to turn off its payment machines and give free rides to passengers until the system was restored to normal. These attacks were recoverable with either losing few days of revenue or by the cost of replacing a new equipment.

The future attacks on IoT devices might scale bigger and will primarily aim at privacy and safety issues. IoT devices are growing in face pace in healthcare, home appliances, industrial control systems (ICS) and vehicles. Hackers can correlate feeds from IoT devices and gain access to our smart home and car . If security monitoring system is hacked to see what is happening inside the house,gaining entry into a home by hacking a smart home lock will not be big challenge. Gaining access to connected car becomes even more dangerous when they access brakes and locks of the car. With vehicle to vehicle communication coming soon along with autonomous driving, IoT hacks can lead to life threatening dangers.

Unfortunately, there is no “silver bullet” that can effectively mitigate every possible IoT cyberthreat . But IoT vendors can distinguish themselves by using a right security posture for the end users. Security vendors offer endpoint sensors and cloud based security for IoT and IoT managed services.

But what we need to look for from a security vendor is, how effective the security is with less noise and with high fidelity alerts. One thing that will be common in all bad actors is their intention of behaviour. IoT security should target such behaviour anomaly and alerting or blocking actions that is not normal. Anomaly based machine learning algorithm combined with two factor authentications should be enforced to secure the little IoT endpoints which will become part of major attack surface .Investments to protect family’s safety and reputation in this hyper-connected world is getting more crucial than ever before.