Sunday, March 18, 2018

New Ransomware Focus: Robots?

Ransomware and its effect on its targets are well known. It is being used as an attack tool in nearly all
industries. The use of ransomware has been noted at water processing utilities, manufacturers, banks, and
the retail industry, to name just a few. This is partially due to its ease of use and its applicability to many attacks.
The attack vector has typically been phishing or its variant, spear phishing, and is not that complex.
To add to the issue, the encryption does not take a substantial amount of time. If a user has an email address,
they are potentially a target.

The attackers have changed and updated their focus. The increased use of technology has provided
additional targets. One of the new targets is robots. Although these don't have an email address,
they are connected to the internet. IOActive Labs researched vulnerabilities in the SoftBank
Robotics NAO and Pepper robots. These robots are used in industry and education venues. The attack
was able to disrupt the robot operations. The curious twist with this application is that ransomware usually
encrypts data, files, servers, and other areas the business needs to operate. This new version, instead of
targeting and encrypting these areas, targets the software used to operate the robots. The disruption
continues until the ransom is paid.

Specifically, the attack alters the robot's default operations. This disables all or a portion
of the admin features. The attack is also able to elevate privileges, add or change the root password(s), and
exercise other options.

This new attack speaks to the need to secure access and connectivity, not only from the enterprise but
also for open IPs that are accessible.
