Ransomware is front-page news again. It’s gotten so bad that the FBI has asked Congress for $40 million to help combat this new wave of attacks. But there’s a form of ransomware that’s been around for some time that could wreak even more havoc than the original. Jackware. One cybersecurity expert says jackware could be ten times more dangerous than typical ransomware. Instead of encrypting computers and servers, it hijacks the physical devices that are core to modern life. When the insurance industry decides it’s important enough to talk about, you know it’s time to pay attention.
A typical ransomware attack’s objective is to use malicious code to encrypt your data so the perpetrators can then demand a ransom. The goal of a jackware attack is to lock up the hijacked device until you pay. Now, apply that concept to the millions of connected devices on which we depend.
Healthcare is an excellent place to start. It’s already in the crosshairs of hackers— SonicWall’s 2021 Cyber Threat Report says attacks on healthcare institutions increased by 123 percent in 2020. We also did a recent post where we talked about the importance of securing internet-connected devices in healthcare. Just imagine hackers hijacking a multimillion-dollar MRI machine. Every minute that machine is offline can cost thousands of dollars and threaten patients’ lives. It could get even more frightening. Say a patient is hooked up to an internet-connected drug infusion and monitoring device. If that device is hijacked and the dosage increased or cut off, there could be lethal consequences.
Then there are today’s connected cars. From sensors to autopilot technologies, embedded, connected devices keep us rolling down the road. And software is at the heart of all of this technology. It isn’t a giant leap to imagine a malicious attacker taking control of a car and locking it in your driveway until you pay a ransom. Or worse, taking over while you’re on the road and causing a collision.
Finally, think about our new world of manufacturing—the connected factory. With digital technology everywhere to allow the seamless exchange of information between people, machines, and sensors, the benefits are apparent. But that factory floor won’t produce anything if a critical machine or an entire line is hijacked. And the potential exists for any device to be exposed to attack if it’s connected to a network.
While it’s too soon to tell if the massive amount of pain jackware can cause will become a reality, it isn’t too soon for IT leaders to start thinking about what to do about it. Talk to your cybersecurity team and get the discussion going about securing your connected and embedded devices today.