By Editor
Toward the end of 2016, ESET senior security
researcher Stephen Cobb expressed concern about the possible mingling of three
different types of system abuse: holding computer systems and data files
hostage (ransomware); denying access to data and systems (DDoS); and infecting
the Internet of Things (IoT) with malicious code.
He hypothesized that in 2017 we would likely see
instances of jackware, whereby cybercriminals not only encrypt IoT devices, but
also ask for a payment to be made in order for access to be restored to the
user. “Think of jackware as a specialized form of ransomware,” he said. “As a
malicious software that seeks to take control of a device [whose] primary
purpose is neither data processing nor digital communications.”
Only one month into the new year, and it appears
that we may well have our first example jackware in 2017. According to The Local, which first revealed the story, the four-star
Austrian hotel Romantik Seehotel Jaegerwirt found itself the victim of a
‘ransomware of things attack’, one that bears all the hallmarks this new
threat.
Cybercriminals were able to compromise the hotel’s
electronic key system, as well as all of its computers. At first it was wrongly
reported that guests were locked in their rooms. Speaking to Motherboard, Cristoph Brandstaetter, owner of Romantik
Seehotel Jaegerwirt, confirmed that this was not the case. When the incident
took place, all 180 guests that had already checked in were still able to get
in and out of their rooms “because the owners were able to open the doors with
their internal system, which wasn’t networked with the infected computers”.
Where the problem lay, Brandstaetter explained, was
in the hotel’s ability to be able to issue new cards to new guests, subsequent
to the ransomware attack. With the local authorities supposedly unable to offer
suitable and speedy assistance, the owner felt he had no other choice but to
give in to the demands of the cybercriminals. Approximately $1,603 in bitcoins
were handed over.
This worked. The individuals behind the incident
restored access to the electronic key system, as well as to all of the
computers at the hotel. While this was welcomed, Brandstaetter felt as though
this was not the end of it. Convinced the cybercriminals had left a backdoor in
the system, he decided to update the existing security system, as well as all
of the infected computers.
Interestingly, he is now looking at “old fashioned”
security methods as a suitable solution to this new, technological threat that
exploits connected devices. “With our next modernization, we are planning to
change the key system so that we go back to old, normal keys,” he told
Motherboard.
What this story reveals is that cybercriminals are
keener than ever to deploy ransomware attacks, that they are willing to target
anyone and everyone – even schools are not immune to this threat – and, in an
ever-connected world, to hit, in particular, IoT devices in even greater
numbers.
There is still room for optimism. Cobb, while frank
about the challenges posed by jackware, concluded his expert piece on a
positive note: we are, in even greater numbers, becoming aware of the risks associated with, for example, IoT devices,
and coupled with industry efforts to develop solutions – and even government
participation in bolstering security in this area – leaves a lot to be upbeat
about. However, in the interim, vigilance is required. There are plenty of
vulnerabilities waiting to be exploited.
For more on the ransomware of things, see Cobb’s expert piece. The full Trends 2017 paper can be found here.