Researchers have built the first ransomware for smart thermostats

cybersecurity market annual forecast  1BI Intelligence

This story was delivered to BI Intelligence IoT Briefing subscribers. To learn more and subscribe, please click here.

Security experts have constructed the first ransomware for smart thermostats, according to Motherboard.

On August 6, at cybersecurity conference Def Con, hackers Andrew Tierney and Ken Monroe revealed the malware that infected a Linux-based internet connected thermostat. The white hat hackers said they created the ransomware as a proof of concept rather than for profit. The two did not reveal the make of the thermostat but said they would inform the manufacturer of the flaw.

Ransomware is a form of malware that infects an individual computer or system and refuses to unlock until certain conditions are met. A recent survey found that nearly 40% of businesses in the US, Germany, the UK, and Canada suffered from ransomware attacks in the last year. It has become a major issue in the healthcare field, where hackers will demand sensitive medical information or sums of money when hospitals or doctors’ offices are infected.

The two researchers highlighted the importance of securing IoT devices from malicious viruses, including ransomware. IoT devices add a new layer of external control that computers, smartphones, and other devices don’t possess. For example, hacking a computer could lead to sensitive information being stolen or deleted, but IoT devices being hacked could mean the hacker could do something externally malicious, like set the temperature on a smart thermostat so high it causes a fire.

Security for the IoT has become a major issue as adoption has increased. A recent survey found that the top challenge discrete manufacturers face when enabling their products to have internet connection is securing the device and the data it collects. Further, an AT&T survey released in March showed that only 10% of enterprises were confident that they could secure their IoT devices against hackers.

BI Intelligence, Business Insider’s premium research service, has compiled a detailed report on cybersecurity that details the current landscape for companies in critical infrastructure sectors, as well as how companies can protect their control systems from hackers.

Here are some of the key points from the report:

  • Companies that operate critical infrastructure sites reported 295 cyber incidents in 2015, up from 245 in 2014.
  • Hackers are targeting the industrial control systems that operate critical infrastructure because of the enormous damage they can cause by crippling such infrastructure.
  • Industrial control systems typically weren’t designed to be connected to the internet, so they weren’t built with cybersecurity capabilities to ward off hackers.
  • The hack that caused a blackout in the Ukraine could serve as a blueprint for other hackers that want to target critical infrastructure, helping them succeed in future attackers. 
  • The Ukraine hack highlighted the importance of training employees about cybersecurity and placing additional access controls on industrial control systems beyond firewalls.

In full, the report:

  • Explains the challenges that companies face in securing industrial control systems that they are connecting to the internet.
  • Breaks down what made the hack against the Ukraine’s power grid so successful.
  • Highlights how this attack will impact other companies operating critical infrastructure.
  • Details the best methods for securing industrial control systems against hackers.

Interested in getting the full report? Here are two ways to access it:

  1. Subscribe to an All-Access pass to BI Intelligence and gain immediate access to this report and over 100 other expertly researched reports. As an added bonus, you’ll also gain access to all future reports and daily newsletters to ensure you stay ahead of the curve and benefit personally and professionally. >> START A MEMBERSHIP
  2. Purchase & download the full report from our research store. >> BUY THE REPORT

The choice is yours. But however you decide to acquire this report, you’ve given yourself a powerful advantage in your understanding of cybersecurity.

See Also:

via Business Insider http://read.bi/2b5qJJb

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s