May 9, 2016

Internet of Things and ransomware: 4 things to consider

Markus Melin

Head of Tieto Security Services, Tieto

Hacking a large corporation’s information system is a scene depicted in dozens and dozens of Hollywood movies. The usual story line includes a person infiltrating the headquarters in disguise in order to connect his laptop to the system and get a hold of physical devices such as elevators, doors etc. Mission Impossible is a classic in the genre.

Because of Internet of Things, these evil maneuvers are nowadays much easier to execute. The only thing needed to control connected devices is an online connection. This unveils great possibilities to your business but also threats.

There is no way around it: IoT gives a lot of new targets for criminals using means such as ransomware (read our previous blog on the topic). We are not just talking about gates and doors, but also cameras, temperature sensors, even pacemakers and insulin pumps.

Basically every single connected device is a potential target. According to Gartner, that means 5 billion devices to be worried about.

In this landscape you should consider the following aspects.

1. Once ransomware virus has infiltrated your system it might be almost impossible to get rid of it without submitting to the ransom. As we tell in our latest white paper, 60% of all companies infected by ransomware last year had to raise a major incident to solve the case.

So prevention before you are compromised is the most important thing.

2. Your staff and the whole network of operators in your service are the key to securing your business against ransomware. In IoT, this means manufacturers and subcontractors who e.g. do the maintenance for your infrastructure and gadgets.

Make sure your partners’ security policy matches the expectations, protocols, and level of your own set standard.

3. You go a long way by making sure your staff’s security culture is up to date.

According to our study, over half of all ransomware cases have been caused by an employee opening private mail on company computers. If he/she is connected to the company network, the impact might be major.

4. A real-time view to your network of connected devices is crucial. Detecting an infiltration quickly and responding instantly by isolating the incident might save you from the trouble.

You need to have visibility across all your assets and understand security-wise what is going on – this helps to prevent and mitigate things before they turn into a business continuity problem.

If you do not know your current situation, we can help you in assessing it.

Stay up-to-date

Get all the latest blogs sent you now!