Online extortion is on the rise. In pursuit of new victims and markets, it is mutating in terms of characteristics and attack vectors. Modern cyber weapons include DDoS attacks, file encryption and device locking, all supported by social engineering and backed by the anonymity of Tor and Bitcoin.
Cyber extortionists first flung ransomware at individual users, via mass spamming campaigns. Then, they turned to targeting businesses and organizations, via specially crafted spear-phishing emails.
Ransomware initially targeted personal computers. With the emergence of Linux ransomware, servers and websites hosted on them started to be hit as well. Future targets will be even more high-level, and we’re already getting a glimpse at what the future holds:
- A well-orchestrated ransomware attack hit the Hollywood Presbyterian Medical Center. This compromise ended up blocking HPMC's ability to enter or retrieve patient data. Such information can be vital in cases like urgent surgery. Ransomware is already threatening people’s lives.
- A ransom Trojan infected the UK Parliament systems in November last year. It hit a shared drive used by about 8,500 government employees. Publicly revealed government secrets can lead to serious political conflicts or even war.
- Israel's Electricity Authority, a government department providing utility services, was infected with ransomware that spread throughout its network. This attack put Israel’s critical infrastructure at risk. Paralyzed power grids and water or gas supply systems may call forth more horror than the worst natural disaster.
Fortunately, none of these attacks was pernicious, but some cyber extortion campaigns have ended tragically. A Romanian citizen ended his son’s life and his own when he saw a ransomware notification demanding a fine of $21,000 for watching prohibited pornographic content. Having seen a ransom message impersonating the UK police, a 17-year-old college student committed suicide.
The cyber extortion industry is already progressing at a rapid pace. How much time can it take for something more dreadful to start happening in the continuously evolving Internet world? Any of the above three attacks can be the most cherished dream of a movie character like Dr. Evil, who routinely devises schemes to terrorize and take over the world. I am not sure that no ill-disposed scientist, dictator or billionaire is planning to turn the earth into hell. In the era of IoT, ransomware provides such opportunities. Hacking for money is just one reason, but hacktivists or terrorists may have much more dreadful motivations.
Here is another real world example. Individuals and businesses are moving to the cloud. Cyber extortionists are doing the same. A company called Children in Film uses an application that maps the cloud drive as a local disk on a customer’s HDD. One wrong click to open a catchy email attachment got the cloud drive encrypted. According to their hosting provider, the infection compromised other clients on the same server as well. Ransomware acts swiftly and very profoundly.
The modern tech world gives cyber extortionists huge opportunities. A lot of things proved to be vulnerable and can pose a serious risk if hacked. For example, the security of modern vehicles is fairly weak. It doesn’t take a genius to break RFID car locks. Researchers have demonstrated how to hijack a Jeep as it hurtles down a St. Louis highway.
It’s very easy for criminals to find unprotected surveillance web cameras and other digital appliances. They utilize a special search engine for Internet-connected devices called Shodan. Web cameras are tasty morsels for offenders. Security experts predict that medical implants, various wearable devices, and IoT stuff are the next targets. Just imagine the display of your home scales saying: “Hey, 2 Bitcoins or I tweet your weight history out.” Or a scarier one: “Want to keep using the pacemaker? Pay me 2 Bitcoins.”
Researchers have reported more than 300 vulnerable medical devices by 40 different manufacturers. They use hard-coded passwords that the customer cannot change. Criminals can find these credentials in publicly available manuals. Cyber extortion doesn’t necessarily rely on complex crypto. It may just lock a device or perform little data manipulations.
Ransomware has attacked appliances with built-in Smart TV technology as well. Candid Wueest from Symantec did a viable proof of concept in this regard. It’s within the realms of possibility that any hacked device with Internet access can become a node in a botnet, or it may be exploited for conducting click fraud campaigns and DDoS attacks. TV viruses can also record and steal account credentials and suchlike sensitive data. The scammers can then lock the device and demand a ransom so that things get back to their normal state.
The current IoT trends encourage users to put their products online and stuff them with a maximum of features. Meanwhile, it’s reasonable to assume that things like connected fridges may lack “secure by design” characteristics. Researchers expect about 25 billion connected 'things' to appear by 2020. From a single point of compromise, such as a digital certificate, hackers and cybercriminals can take over a whole network of thousands or even millions of smart things.