In June, Dark Reading asked a very relevant question: “Ransomware is already a problem. The Internet of Things (IoT) has had a number of security issues. What happens when the two combine?”
With the rate of technology innovation and increased cyber security risks to IoT devices, we also need to ask, ‘why have devices suddenly been linked to cyber security and increased ransomware?’ Cyber criminals and hackers are not innocent, their attack is focussed around one thing, and one thing only: your money. They are not interested in the glory of taking control of your smart fridge or coffee machine, but the the inconvenience that this causes, that in turn, provides the motivation for you to pay the ransom.
These questions were addressed in a joint report from the UK’s National Cyber Security Centre and National Crime Agency in March 2017. The authors say that not only are cyber criminals now more aggressive, but it is the proliferation of connected devices that is now providing them with more doorways than ever before that they can sneak through.
The IoT has now transitioned from starting off as a marketing buzzword to a household term and the majority of people, whether they know it or not, have some form of connected smart device ranging from connected thermostats such as Hive or Nest to smartwatches that track their exercise and calories.
According to a study from Gartner, by 2020 more than half of major new business processes and systems will incorporate some element of the Internet of Things. The report also states that addressing compromises in IoT security will have increased security costs to 20% of annual security budgets, an increase from less than 1% in 2015.
If we are going to be able to protect ourselves from ransomware infiltrating our smart devices, we need to be smarter about what we let into our systems and disconnect our risk-laden devices that do not necessarily need to be connected to the Wi-Fi network. If you do decide to connect them to your network, make sure the passwords are changed. You should also be wary of apps that you may download onto your phone, tablets or other smart devices as doppelgangers can be created by cyber criminals and hackers. This could allow them to record your keystrokes, revealing personal data, or open a backdoor into your system. An easy way to check if apps are genuine is to look at the reviews and ensure that you are downloading them from a verified platform.
Last year, it was estimated that householders in the UK paid out £4.5 million in ransoms, showing that even you or I, logging on to our smart devices at home, could be confronted by the skull-and-crossbones insignia with a demand for payment in return for the release of our own data.
With the ever growing risk of ransomware infiltrating personal devices, it is imperative that individuals as well as organisations are able to not only understand the risks that smart devices can pose to their security infrastructure but also how to protect themselves from these risks.
If you would like to speak to Smoothwall about advice on building a multi-layered security system, please contact one of our security specialists today.