As the UK government’s cyber-security event, CYBERUK 2017, gets underway a worrying new trend in cyber-crime is highlighted in a joint report by the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC). The report indicates that the bad guys are coming after individuals as well as businesses. Cyber-crime and ransomware are now a threat to us all.
Last year the Internet of Things made the news for all the wrong reasons when the Mirai botnet harnessed our internet connected gizmos and gadgets to tear down major websites such as Twitter, CNN, Amazon, Netflix and Spotify.
Now the owners of smart watches, phones and televisions are becoming easy pray for hackers. Internet enabled devices typically hold emails, pictures and other private information which may have no commercial value, but can be of immense personal value. Typically, this is data people don’t want to lose and more importantly will pay to retrieve.
Many of the gadgets have poor security which can be easily breached. Once this happens, the information is seized, locked up and a note dispatched demanding a ransom to release the encrypted data.
The report makes the point: “Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom.”
When it comes to businesses the report is concerned that hacks often go unreported meaning the true extent of the problem may not be fully understood.
Of course, businesses may not always want to report cyber incidents as once in the news, hacks have a unique ability to shred a corporate reputation. But if this threat is to be beaten then surely collaboration is key to preventing future attacks and to helping the agencies target the criminals.
Don Smith, technology director, of the Strategic Cyber Industry Group sums it up well: “The development of technology throughout history has given smart criminals new ways to get what they want: email spawned the development of phishing and spam; online banking led to the creation of viruses that target bank accounts; and the Internet of Things will doubtless bring opportunities for new methods of attack.”