Pinterest Stumbleupon Whatsapp
Advertisement

In late-November, cybercriminals hit the San Francisco transport agency with a ransomware attack. Travelers weren’t complaining; they got a free ride around the city for a few hours. But for the agency, it was a financial and PR disaster.

All the signs point towards these types of attacks becoming more common in 2017. Attacks on home users aren’t going to go away, but for the criminals, large organizations represent more money, more exposure, and more likelihood of a payout.

What systems and sectors are vulnerable A History of Ransomware: Where It Started & Where It's Going A History of Ransomware: Where It Started & Where It's Going Ransomware dates from the mid-2000s and like many computer security threats, originated from Russia and eastern Europe before evolving to become an increasingly potent threat. But what does the future hold for ransomware? Read More as we head into 2017? Let’s take a look.

City Infrastructure

As we saw with the San Francisco attack, transport systems are clearly vulnerable.

Luckily for the city’s Municipal Transportation Agency (MTA), technicians managed to clear the variant of the HDDCryptor malware from its systems without the need to pay the 100 Bitcoins ($75,000) ransom. But it could have been a lot worse.

According to reports, the attack affected 2,000 ticket machines as well as networked computers and terminals that manage payroll and employee information. Imagine how grave the situation could have been if the ransomware prevented workers from getting paid?

Advertisement

Worse still, what about the systems that manage where trains are within the transport system? Or the programs which operate the various track-side signals? How long could the MTA have held out without paying the perpetrators if people’s lives were potentially in danger?

Sadly, it seems public transport ransomware is going to become a lot more common.

The Skies

Running with this same idea: turn your eyes upwards. Are air traffic control systems under threat?

Remember, hackers infiltrated America’s air traffic control systems in 2015. It caused flights to be grounded, put travel records of passengers at risk, and cost the industry millions of dollars. In the UK, the country’s Civil Aviation Authority issued a warning in mid-2016 after it was discovered hackers broke into frequencies used by air traffic controllers and gave bonus instructions to pilots.

air traffic control
Image Credit: Ersin Ergin via Shutterstock

In either of the above situations, it doesn’t take much of a leap in reasoning to see how hackers could exploit the same systems for extortion money. It’s theorized Russia has already taken steps in this direction. They are the main suspects behind November 2015’s attack on Sweden’s air traffic control system. The attack lasted for five days and caused the country’s radar systems to stop working.

Even the planes themselves are at risk. The US Federal Aviation Administration (FAA) is currently working with experts to ensure people cannot crack the interconnected networks such as the avionics system, in-flight internet system, and passenger entertainment systems. But can they ever be 100 percent confident?

Regular Cars

Your car is at risk 3 Ways Your Car Can Be Hacked by Cyber Criminals 3 Ways Your Car Can Be Hacked by Cyber Criminals What would you do if someone remotely hijacked your car? Here are a few ways your own car can be hacked and how you can avoid them going forward. Read More . It doesn’t have to be an autonomous self-driving car, though I’ll come to those shortly.

July 2015’s famous “Jeep hack” Can Hackers REALLY Take Over Your Car? Can Hackers REALLY Take Over Your Car? Read More , in which a white hat hacker killed the engine and electronics system when the car was on a highway, is a case in point. Modern cars now have more than 30 million lines of code; that’s a lot of opportunities for cybercriminals to find and exploit a weakness.

It’s a real and growing threat. Hackers have several avenues open to them. As long as they can dupe unsuspecting victims into activating the ransomware (dubbed “jackware”), the possibilities are almost endless. Vehicles could lock their owners out (or in), the ignition could be frozen to “brick” the car, or the emergency brake could be deployed while the car is in motion. The only limit is the hacker’s creativity.

Self-Driving Cars

Self-driving cars remain something of an unknown quantity among the public at large. But for hackers, they’re a gold mine.

It’s clear the industry needs to introduce global standards to protect against hacking before it’s too late. With so many after-market products running on proprietary software, the risk level is multiplied.

John Carlin, assistant attorney general for national security at the U.S. Department of Justice, is blunt about the threat we’re facing:

We can’t make the mistake again of not building in cyber-security by design on the front end and preventing espionage or loss of life.

Think of the terrible, tragic incident in Nice, where attackers used a heavy truck, and we know people are experimenting with autonomous heavy trucks.

We know terrorists want to kill through experimental and splashy ways. They want to drive trucks into civilians, and it’s not too much to think they can hack a car and do the same thing.

Governments and private companies would have little choice but to hand over the ransom Don't Pay Up - How To Beat Ransomware! Don't Pay Up - How To Beat Ransomware! Just imagine if someone showed up on your doorstep and said, "Hey, there's mice in your house that you didn't know about. Give us $100 and we'll get rid of them." This is the Ransomware... Read More in full if faced with a threat such as the one he describes.

Smart Cities

Every day, the urban environments we live in are becoming “smarter” — more and more cities are adopting Internet of Things technology The Internet of Things: How It'll Change Your Life Next Year The Internet of Things: How It'll Change Your Life Next Year Internet of Things has undergone its own Cambrian Explosion, and it promises to make your life much more convenient in the years to come. Here's why. Read More (IoT).

Smart traffic control, smart street lights, smart water, waste, and energy management, smart surveillance systems, smart public transport… the technology promises to bring a new wave of economic opportunity and job creation. But it also promises to bring a heightened threat to our well-being.

smart city abstract
Image Credit: Chombosan via Shutterstock

As soon as any smart system uses a poorly supported and insecure IoT device, it is at risk. Such devices lack rigorous security measures 7 Reasons Why The Internet of Things Should Scare You 7 Reasons Why The Internet of Things Should Scare You The potential benefits of the Internet of Things grow bright, while the dangers are cast into the quiet shadows. It's time to draw attention to these dangers with seven terrifying promises of the IoT. Read More and often use insecure encryption mechanisms.

Take a step back, would you really trust your local government or municipal authority to properly maintain all the IoT systems it’s using? If it’s anything like mine, it’ll struggle just to mow the grass regularly in the local park.

It won’t be long until ransomware stings one of the early-adopters. A botnet will target the insecure systems, take it over, and activate ransomware. And then what happens? How would a town with a population in the hundreds of thousands react to an inadequate electricity supply or non-functioning traffic control systems?

At best, there would be chaos. At worst, there would be riots.

And if the local authority is forced to pay the criminals 5 Reasons Why You Shouldn't Pay Ransomware Scammers 5 Reasons Why You Shouldn't Pay Ransomware Scammers Ransomware is scary and you don't want to get hit by it -- but even if you do, there are compelling reasons why you should NOT pay said ransom! Read More to get the city moving again, guess who’s footing the bill? It’s you, Mr. and Mrs. Taxpayer.

A Frightening Future?

Some of my points might sound like we’re in for a dark future, but it doesn’t have to be that way.

The key is to act now Protect Your Data From Ransomware With These 5 Steps Protect Your Data From Ransomware With These 5 Steps Ransomware is scary, and if it happens to you, it can make you feel helpless and defeated. That's why you need to take these preemptive steps so you don't get caught off guard. Read More . Smart cities need to create diligent cybersecurity frameworks and adhere to them. Automobile manufacturers must work together to produce robust and secure industry standards. Governments need to hire the brightest technical minds in the country to protect our skies.

Failure to take these steps will open the door to large-scale ransomware. It’ll eclipse anything and everything we’ve seen so far. 2017 could be just the start.

How concerned are you about the threat of ransomware in the new year? Let us know in the comments below.

Image Credits: FOTOKITA/Shutterstock

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Neoalfa
    December 21, 2016 at 4:24 pm

    While keeping up-to-date in terms of security is all fine and dandy, there is just no reason why some things should be connected to the net, or at the very least the final decision before blocking a piece of hardware (such as a car) should be in the hands of a human intelligence.

    Let's not forget that even the best hacker in the world cannot break into a device that is offline. All critical systems should be offline or at the very least have (several) offline backups for rapid recovery.

    Personally I think that we are pushing the "Internet of Things" too far, with the potentinal repercussion far outstripping the few benefits.