Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/7/2017
08:55 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail

What To Watch For With Ransomware: 2017 Edition

Ransomware will continue to evolve in 2017, bringing new and diverse threats to businesses. What changes are in store?
6 of 10

Question of IoT risk.
Experts are split on the future of ransomware amidst the rise of connected devices. 
Some anticipate the Internet of Things will be a prime target among attackers. 'The impact of IoT ransomware could be bigger than mobile,' says James Carder, CISO of LogRhythm and VP of LogRhythm Labs. Mobile-based ransomware is intriguing from a business perspective, he says, but the overall impact of IoT -- with the sheer number of sensors and amount of people wearing them -- could be severe in 2017. It could pose a particularly large threat to critical infrastructure, he says.
Liska, in contrast, doesn't foresee a rise in ransomware attacks among connected devices. Many IoT products are 'headless' and contain little data, or have information backed up to the vendor's cloud. 'There are all kinds of security issues with that model, but ransomware isn't one of them,' he says.
For most potential victims of IoT ransomware, there would be little motivation to pay a ransom. This is especially relevant for consumer devices; for example, a connected refrigerator. Home appliances contain no critical information. If hacked, users could simply restart them.
However, he continues, there is a risk for people using connected medical devices or other types of data systems. 'If you have a medical device with a Windows head and someone installs ransomware on the system controlling those, it could pose a huge threat,' he explains.
In the near term, IoT devices with poor security won't increase the threat of data-centric ransomware attacks on businesses. As long as organizations struggle to patch and monitor endpoint devices, users' workstations will remain an easier path of attack than other connected devices. Hackers are already effective in penetrating organizations with encrypted Office docs. Why should they bother working their way through other connected devices?
(Image: Jamesteohart via Shutterstock)

Question of IoT risk.

Experts are split on the future of ransomware amidst the rise of connected devices.

Some anticipate the Internet of Things will be a prime target among attackers. "The impact of IoT ransomware could be bigger than mobile," says James Carder, CISO of LogRhythm and VP of LogRhythm Labs. Mobile-based ransomware is intriguing from a business perspective, he says, but the overall impact of IoT -- with the sheer number of sensors and amount of people wearing them -- could be severe in 2017. It could pose a particularly large threat to critical infrastructure, he says.

Liska, in contrast, doesn't foresee a rise in ransomware attacks among connected devices. Many IoT products are "headless" and contain little data, or have information backed up to the vendor's cloud. "There are all kinds of security issues with that model, but ransomware isn't one of them," he says.

For most potential victims of IoT ransomware, there would be little motivation to pay a ransom. This is especially relevant for consumer devices; for example, a connected refrigerator. Home appliances contain no critical information. If hacked, users could simply restart them.

However, he continues, there is a risk for people using connected medical devices or other types of data systems. "If you have a medical device with a Windows head and someone installs ransomware on the system controlling those, it could pose a huge threat," he explains.

In the near term, IoT devices with poor security won't increase the threat of data-centric ransomware attacks on businesses. As long as organizations struggle to patch and monitor endpoint devices, users' workstations will remain an easier path of attack than other connected devices. Hackers are already effective in penetrating organizations with encrypted Office docs. Why should they bother working their way through other connected devices?

(Image: Jamesteohart via Shutterstock)

6 of 10
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .