Trojans and botnets are bad, but ransomware is one of the nastiest, most vile kinds of malware out there. And it’s getting worse. The criminals using ransomware are becoming more advanced, and by integrating electronics into just about every part of our lives, we’re just opening up more targets for them to hit. Here are five things that could be taken hostage in the very near future.
In July, two hackers killed a Jeep that was driving on the highway. The accelerator stopped working, and the Jeep slowed to a crawl on an overpass with no shoulder. This was all planned—for a Wired article—but the result of the demonstration remains chilling. They messed with the air conditioning, the radio, and the windshield wipers. In short, they had total control over the Jeep, despite being in a basement 10 miles away.
Obviously, this is a rather extreme example, but the idea of hacking a car is one you should be a bit nervous about. Some people say it’s not likely to happen, while others say it’s a big threat. The truth is we just don’t know yet. One research team found a way to remotely disable a car’s brakes. Another group was able to mess with the tire pressure system and track a car’s movements.
Even if disabling your car remotely isn’t possible, it’s not hard to imagine that ransomware could hit your vehicle in the near future. Whether delivered wirelessly or through the onboard diagnostics port, a piece of malware could simply keep your car from starting and display a ransom message on your dashboard. “Pay up, and you get your car back.” “Make a quick deposit, and you can go to work.” Or, if the Wired article can be seen as an indication of future abilities, “give us some cash, and we’ll let you move your car from the side of the highway.”
The Internet of Things (IoT) has added a lot of cool functionality to our houses, but it’s also made them a significantly larger security threat. IP cameras can be used to spy on people, smoke detectors can be messed with, TVs can be hacked, smart thermostats can have their settings changed, smart lamps can be switched on and off… even entire home automation hubs can be taken over. Which makes smart homes prime targets for ransomware.
If you live in a cold place, how much would you pay to have your heat turned back on? Would you be willing to wait for the police to try and track down the perpetrator? Or would you just fork over $500 so you didn’t have to stay with someone else until the situation is resolved? What about having no lights in your entire house? Having your toilet flush constantly? These are the sorts of havoc that hackers could wreak on a smart home.
Fortunately, the vulnerabilities in smart home technology have been widely discussed, and it’s likely that some manufacturers will pay attention to the unease that this discussion is instilling in some consumers. Third parties are also developing systems that can protect your smart home in an attempt to head off potential attacks like this.
Of course, most people just don’t know that they’re vulnerable, and leave themselves open to attack.
This might be the most terrifying prospect of them all. A recent Forrester report predicted that next year we’ll start to see health devices being hit by ransomware. Pacemakers, diabetic implants, health monitors, deep-brain stimulators, even emergency alert systems could be taken captive by hackers who demand payment for their release. Of course, you might argue that the elderly aren’t great targets for this because they probably don’t know what Bitcoins are, but the threat is still there.
Implanted devices containing computers are becoming increasingly common; and while most of them are implanted in patients with chronic issues today, it’s quite possible that there will be voluntary implants that monitor things like heartrate, blood pressure, and other standard vital signs and transmit them to the doctor. If Google’s contact lens project works out, it may pave the way for connected implantable retinas or other optic technology.
The more of these devices we have, the more we open ourselves up to potential attacks. The medical industry hasn’t done a great job with cybersecurity in wearables so far—and if we’re not to have our bodies taken hostage, they need to step it up.
A recent CryptoLocker-like attack hit a lot of gamers, forcing them to make a Bitcoin payment to get access to their games. While this attack happened on PC, it’s naive to think that it couldn’t happen on gaming consoles as well. While I haven’t seen any reports of PS4 or Xbox ransomware, I wouldn’t be surprised to see it hit the market soon. Because so much of the information on your console is also backed up in the cloud, hackers might have to innovate to be effective, but if any characteristic can be ascribed to hackers, it’s resourcefulness.
You may not think that game ransomware would be a big deal, but a lot of people invest a huge amount of time and money in their games, and having them held hostage could be an awfully traumatic experience. If you’ve spent $1,000 on your gaming system and games, paying a couple hundred bucks to get it unlocked might not seem like such a bad deal. Some saved game files contain hundreds of hours of a person’s life, and erasing that could be a viable threat.
Mobile ransomware is already becoming more common, but it hasn’t gotten huge yet. But our phones are our connection to the world, and I can think of a lot of people who would be so helpless without their phones that they’d quickly pay a ransom just so they could look up what to do when their phones get hit with ransomware.
In addition to holding your phone captive, hackers could also extract a lot of information; contacts, social media accounts, credit cards, banking information… it’s all stored in your phone. And if they can encrypt all of that data, there’s a good chance that they can steal it as well. So in addition to having your phone locked down, keeping you from watching cat videos and sending inane texts, they’ll probably steal everything from it, too.
Right now, personal computers are the main attack vector for by ransomware—but that will probably change very soon. And when it does, a lot of people are going to be taken by surprise. Unfortunately, there’s not a whole lot you can do about some of these threats. You can’t install anti-virus software in your car, and you probably can’t change the password on your pacemaker. For the most part, it will be up to the manufacturers of these devices to protect. And that is very worrying indeed.
Are you worried about ransomware hitting your car, or your home? Do you think manufacturers are paying enough attention to these threats? Or is it all just overblown? Share your thoughts below!
Image credits: Exclusive car dashboard by kaczor58 via Shutterstock, Syda Productions via Shutterstock.com, khuruzero via Shutterstock.com, MyImages – Micha via Shutterstock.com, conejota via Shutterstock.com.