The use of Ransomware of Things (RoT, or ransomware of things) in cyber attacks increased 160% in the third quarter of last year. This means that, on average, 8% of companies are victims of this type of threat weekly, according to global data from cybersecurity company Check Point Software.
According to the Cybersecurity Report 2020, a company document that analyzes the main tactics that cybercriminals are employing, points to targeted ransomware as one of the most important due to its success rate.
“Although information remains the main objective of cybercriminals as a ‘hostage’ to demand a financial bailout, it is increasingly common for their attacks to focus on all types of devices other than computers. Therefore, this threat is increasing, since it is no longer a risk aimed only at companies, but it can put the whole society in check ”, says Claudio Bannwart, country manager at Check Point Brasil.
How RoT and Jackware works
There is no doubt that connectivity offers numerous benefits, but it also poses risks in relation to cybersecurity. The internet of things (IoT) is gradually becoming a reality, however there is still a long way to go to execute it safely, something that cybercriminals take advantage of to launch their attack campaigns: one in four attacks is targeted against IoT devices, since they are easily hacked due to their low security levels (operating systems not updated, without protection tools, among others).
The development of this type of attack is identical to the traditional one, although in this case it focuses on blocking devices instead of data. A virus known as “jackware” is also used, a malicious software that tries to take control of devices connected to the Internet whose function is not to process data. This implies attacks, for example, in a home environment, in which a cybercriminal could handle all types of household appliances at will or, even in more advanced cases of connected homes, manage supplies such as electricity or water and even control automation. residential.
However, the risks increase when the focus is on what happens outside the home, especially in terms of vehicle safety. There are thousands of cars connected to the internet in the world (in 2020 they should represent 22% of the total) and have more resources, in addition to most of the features they offer, such as opening and closing or starting the car, among others, that can be managed through a mobile app. Thus, a cybercriminal could attack the car directly or through the smartphone, taking control of the vehicle, which could endanger the lives of its occupants and the environment around them. This has not yet happened, but the technological advancement of the automotive industry (autopilot cars, for example) makes it a possibility for the not too distant future.
“The new generations of cyber threats stand out for being very sophisticated, but also for using old features, such as ransomware, in a very new way to circumvent traditional security measures,” says Bannwart
“The ‘ransomware of things’ is a clear example, because taking advantage of the fact that connectivity is the engine of the world, they launch their attacks against mobile devices to take advantage of their lack of protection. While it may seem very futuristic, technology is advancing with difficulties, so it is essential to adopt a cybersecurity approach with a focus on preventing risks and threats before they occur. In cybersecurity there are no second chances, so it is essential to be protected from the first moment with the most advanced technological solutions ”, concludes Oxecutivo.