Ransomware and its effect on the targets are well-known. This is being used as an attack tool in nearly all the industries. The use of ransomware has been noted in the water processing utilities, manufacturers, banks, retail industry, to just name a few. This is partially due to its ease of use and applicability to many of the attacks. The attack vector typically has been with phishing or its variant, spear phishing, and is not that complex. To add to the issue, the encrypting does not take a substantial amount of time. If a user has an email address, they are potentially a target.
The attackers have changed and updated their focus. The increased use of technology has provided additional targets. One of the new targets are the robots. These, although don’t have an email address, they, however, are connected to the internet. IOActive Labs researched vulnerabilities with the Softbank Robotics NAO and Pepper robots. These robots are used in industry and education venues. The attack was able to disrupt the robot operations. The curious twist with this application is the ransomware usually encrypts data, files, servers, and other areas the business needs to operate. This new version, instead of targeting and encrypting these areas, to targeting the software used to operate the robots. The disruption continues until the ransom is paid.
Specifically, the attack operates to alter the default operations. This functions to disable all or a portion of the admin features. This also is able to elevate privileges, add or change the root password(s), and other options.
This new attack speaks to the need to secure access and connectivity, not only from the enterprise but also open IPs that are accessible.
No comments:
Post a Comment