Please wait, authorizing ...

Don't have an account? Register here today.


Ransomware of Things could be the next big cyber threat to organizations

International. The Internet of Things (IoT) has been gaining ground and is increasingly permeating business environments, where its applications are almost endless. This would be making it a desired target for cybercriminals.

IoT environments go beyond a connected device, as they specifically consist of connected things that are equipped with sensors, software, and other technologies that allow them to transmit and receive data for the purpose of informing users or automating an action. This is reason enough to become an attraction for cybercrime.

According to projections by the firm Statista, approximately US$805,000 million was invested in IoT technology worldwide in 2023. In addition, it is expected that by 2027 there will be 29.7 billion devices connected through the IoT.

Meanwhile, forecasts for this year are that industrial IoT could exceed US $100,000 million, while in Latin American companies the presence of production solutions or PoC (Proof of Concept) involving IoT jumped from 31% in 2019 to 58% in 2023.

- Publicidad -

Oswaldo Palacios, senior account executive for Akamai, said that with the IoT generating vast amounts of data that can be used to make better decisions and new business models, security is a challenge that demands continuous attention.

"The Internet of Things makes it possible to collect data and send it to the network for analysis or even carry out a preliminary analysis and then send it to the network, situations that can compromise the security and privacy of confidential data," he said.

Akamai's 'Ransomware on the Move' report highlights that, in particular, manufacturing remains the top vertical with the highest number of victims of ransomware attacks.

This increased risk comes from the large amount of legacy or old commercial software, deployed at various sites in the supply chain and manufacturing, including operational equipment, sensors, and other connected terminal applications, from connected cars to chemical plants.

The sheer number of IoT devices connected to a corporate network can create a vulnerable and attack-prone work environment, so each of those devices means a new point that needs to be monitored, verified, and updated on a regular basis. In that sense, the question arises: how could a cyberattack be dispersed through these smart devices?

Oswaldo Palacios reported that hackers use social engineering, exploits, and vulnerabilities to infiltrate IoT devices, taking advantage of weaknesses in software or insecure configurations. In addition, he explained that on production lines when all devices are connected to the network, it is easy to perform a "lateral movement" without being detected. This is how ransomware spreads and reaches critical assets.

Another type of attack can be to disable the production line by cutting off the controller server's communication with IoT devices.

- Publicidad -

On the other hand, the expert also highlighted that unfortunately employees, suppliers and occasional visitors connected to a company's network can enter a malicious program on the network that can take advantage of their position and carry out an attack.

Against this backdrop, the expert mentioned that Ransomware of Things (RoT), which is a sophisticated variant of ransomware that focuses specifically on compromising the security of IoT-connected devices, has increased significantly in recent years.

The main objective of this type of attack is to block access or control of IoT devices, demanding a ransom in exchange for restoring their normal functionality. Cybercriminals demand a ransom payment in cryptocurrency, offering victims the key to unlock their devices once the payment is made.

Oswaldo Palacios highlighted that the economic consequences derived from a RoT attack range from the cost of the ransom demanded by the attackers, the loss of trust of customers and suppliers, to the expenses associated with data recovery and improved security.

These costs can be considerably high, especially for the affected businesses.

How to maintain a secure IoT environment?
According to the expert, understanding the risks associated with the growing threat in IoT security involves developing effective cybersecurity strategies. According to Oswaldo Palacios, IoT devices depend on networks and technological infrastructure which does not always have the appropriate planning and security to stop and eliminate threats in a forceful way, which is why measures must be taken such as isolating IoT devices and having visibility and control of where and how they communicate.

- Publicidad -

Constant connectivity and data sharing in an IoT environment creates new opportunities for information to be compromised. It is essential that every device that connects to the network is configured with security in mind, and the information that circulates within an IoT system must be mapped accordingly.

Recognizing that there is no perfect defense against threats can help create mitigation protocols that can contain and significantly reduce the effects of a successful attack.

Fortunately, more and more companies are protecting their IoT assets, the way they interact on the network and who has access to them. While not all IoT devices have the ability to install security software, actions such as microsegmentation will help to have a better cybersecurity strategy since you have broad visibility of which assets are communicating with each other.

By 2031, ransomware is expected to attack a business, consumer, or device every two seconds. With the prevalence of threats like ransomware and zero-day vulnerabilities, attackers are becoming increasingly adept at advancing laterally toward high-value targets when they find a way in.

"Given this data, tools such as microsegmentation put us a step ahead in any cybersecurity strategy, as it gives us complete visibility of who has access to what resource and how assets communicate with each other at the level of the communication process. This visibility allows us to detect and block any malware at its source, as well as prevent lateral movements," concluded Oswaldo Palacios.

Álvaro León Pérez Sepúlveda
Author: Álvaro León Pérez Sepúlveda
Editor - Latin Press, Inc.
Comunicador Social Periodista egresado de la Universidad de Antioquia, con más de 14 años de experiencia en medios periodísticos y proyectos de comunicación digital. [email protected]

No thoughts on “Ransomware of Things could be the next big cyber threat to organizations”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Webinar: Inteligencia Artificial en NVR & Cámaras Enforcer Tema: Inteligencia Artificial en NVR & Cámaras Enforcer Por: Eduardo Cortés Coronado, Representante Comercial en México - SECO-LARM USA INC Fecha: Martes 28 de mayo, 2024 Hora: 10.00H (Colombia) 09:00H (México) Conozca cómo sacar ventaja de las funciones de inteligencia artificial en NVR´S 4K & cámaras IP enforcer, disuación activa, reconocimiento facial, reconocimiento de matriculas vehiculares, salidas alarma etc.

Webinar: NxWitness el VMS rápido fácil y ultra ligero

Webinar: Por qué elegir productos con certificaciones de calidad

Por: Eduardo Cortés Coronado, Representante Comercial - SECO-LARM USA INC La importancia de utilizar productos certificados por varias normas internacionales como UL , Ul294, CE , Rosh , Noms, hacen a tus instalciones mas seguras y confiables además de ser un herramienta más de venta que garantice nuestro trabajo, conociendo qué es lo que certifica cada norma para así dormir tranquilos sabiendo que van a durar muchos años con muy bajo mantenimiento.

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet.

Webinar: Aplicaciones del IoT y digitalización en la industria logística

Se presentarán los siguientes temas: • Aplicaciones del IoT y digitalización en la industria logística. • Claves para decidir el socio en telecomunicaciones. • La última milla. • Nuevas estrategias de logística y seguimiento de activos sostenibles
Load more...

Latest Newsletter