Ransomware’s New Frontier: Here’s What Will Be Targeted in 2017
In late-November, cybercriminals hit the San Francisco transport agency with a ransomware attack. Travelers weren’t complaining; they got a free ride around the city for a few hours. But for the agency, it was a financial and PR disaster.
All the signs point towards these types of attacks becoming more common in 2017. Attacks on home users aren’t going to go away, but for the criminals, large organizations represent more money, more exposure, and more likelihood of a payout.
What systems and sectors are vulnerable as we head into 2017? Let’s take a look.
As we saw with the San Francisco attack, transport systems are clearly vulnerable.
Luckily for the city’s Municipal Transportation Agency (MTA), technicians managed to clear the variant of the HDDCryptor malware from its systems without the need to pay the 100 Bitcoins ($75,000) ransom. But it could have been a lot worse.
According to reports, the attack affected 2,000 ticket machines as well as networked computers and terminals that manage payroll and employee information. Imagine how grave the situation could have been if the ransomware prevented workers from getting paid?
Worse still, what about the systems that manage where trains are within the transport system? Or the programs which operate the various track-side signals? How long could the MTA have held out without paying the perpetrators if people’s lives were potentially in danger?
Sadly, it seems public transport ransomware is going to become a lot more common.
Running with this same idea: turn your eyes upwards. Are air traffic control systems under threat?
Remember, hackers infiltrated America’s air traffic control systems in 2015. It caused flights to be grounded, put travel records of passengers at risk, and cost the industry millions of dollars. In the UK, the country’s Civil Aviation Authority issued a warning in mid-2016 after it was discovered hackers broke into frequencies used by air traffic controllers and gave bonus instructions to pilots.
In either of the above situations, it doesn’t take much of a leap in reasoning to see how hackers could exploit the same systems for extortion money. It’s theorized Russia has already taken steps in this direction. They are the main suspects behind November 2015’s attack on Sweden’s air traffic control system. The attack lasted for five days and caused the country’s radar systems to stop working.
Even the planes themselves are at risk. The US Federal Aviation Administration (FAA) is currently working with experts to ensure people cannot crack the interconnected networks such as the avionics system, in-flight internet system, and passenger entertainment systems. But can they ever be 100 percent confident?
Your car is at risk . It doesn’t have to be an autonomous self-driving car, though I’ll come to those shortly.
July 2015’s famous “Jeep hack” , in which a white hat hacker killed the engine and electronics system when the car was on a highway, is a case in point. Modern cars now have more than 30 million lines of code; that’s a lot of opportunities for cybercriminals to find and exploit a weakness.
It’s a real and growing threat. Hackers have several avenues open to them. As long as they can dupe unsuspecting victims into activating the ransomware (dubbed “jackware”), the possibilities are almost endless. Vehicles could lock their owners out (or in), the ignition could be frozen to “brick” the car, or the emergency brake could be deployed while the car is in motion. The only limit is the hacker’s creativity.
Self-driving cars remain something of an unknown quantity among the public at large. But for hackers, they’re a gold mine.
It’s clear the industry needs to introduce global standards to protect against hacking before it’s too late. With so many after-market products running on proprietary software, the risk level is multiplied.
John Carlin, assistant attorney general for national security at the U.S. Department of Justice, is blunt about the threat we’re facing:
We can’t make the mistake again of not building in cyber-security by design on the front end and preventing espionage or loss of life.
Think of the terrible, tragic incident in Nice, where attackers used a heavy truck, and we know people are experimenting with autonomous heavy trucks.
We know terrorists want to kill through experimental and splashy ways. They want to drive trucks into civilians, and it’s not too much to think they can hack a car and do the same thing.
Governments and private companies would have little choice but to hand over the ransom in full if faced with a threat such as the one he describes.
Every day, the urban environments we live in are becoming “smarter” — more and more cities are adopting Internet of Things technology (IoT).
Smart traffic control, smart street lights, smart water, waste, and energy management, smart surveillance systems, smart public transport… the technology promises to bring a new wave of economic opportunity and job creation. But it also promises to bring a heightened threat to our well-being.
As soon as any smart system uses a poorly supported and insecure IoT device, it is at risk. Such devices lack rigorous security measures and often use insecure encryption mechanisms.
Take a step back, would you really trust your local government or municipal authority to properly maintain all the IoT systems it’s using? If it’s anything like mine, it’ll struggle just to mow the grass regularly in the local park.
It won’t be long until ransomware stings one of the early-adopters. A botnet will target the insecure systems, take it over, and activate ransomware. And then what happens? How would a town with a population in the hundreds of thousands react to an inadequate electricity supply or non-functioning traffic control systems?
At best, there would be chaos. At worst, there would be riots.
And if the local authority is forced to pay the criminals to get the city moving again, guess who’s footing the bill? It’s you, Mr. and Mrs. Taxpayer.
A Frightening Future?
Some of my points might sound like we’re in for a dark future, but it doesn’t have to be that way.
The key is to act now . Smart cities need to create diligent cybersecurity frameworks and adhere to them. Automobile manufacturers must work together to produce robust and secure industry standards. Governments need to hire the brightest technical minds in the country to protect our skies.
Failure to take these steps will open the door to large-scale ransomware. It’ll eclipse anything and everything we’ve seen so far. 2017 could be just the start.
How concerned are you about the threat of ransomware in the new year? Let us know in the comments below.
Image Credits: FOTOKITA/Shutterstock