Cybersecurity threats spread to phones, watches and TVs
In early March we had news that that the CIA apparently hacked Samsung TVs (according to documents leaked by Wikileaks – Samsung TVs were said to have been hacked using a computer virus called the Weeping Angel which turned them into a ‘covert microphone’).
In a new report the UK Government bodies the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) are warning that criminals are targeting connected personal devices such as phones, watches and TVs with ransomware (software that makes a device unusable until a ransom is paid to the attacker).
The attacks are increasing and highly audacious as evidenced by those at the Bangladesh Bank (the largest cyber heist in history where attackers exploited the SWIFT payment system to steal $81m), the Democratic National Party and the Ukrainian Power Grid.
Furthermore, the report states that 2016 saw the DDOS attacks in history on websites including Twitter, Netflix and Spotify.
The report identifies a number of key trends:
- The technical skills required to launch attacks is actually falling as more devices come on line providing more opportunities for attacks and potentially weaker points of entry.
- Hackers are increasingly learning from each other.
- Identifying who is behind an attack is becoming increasingly harder (with criminals imitating nation states in attacks on banks).
- Similarly, nation states are using off the shelf malware and using more basic techniques such as DDOS in their attacks. Approaches more often used by criminals.
- Ransomware is singled out in the report, highlighting the growth in use and potential weaknesses in mobile phones, connected watches, smart TVs and fitness trackers as presenting a particular challenge. The report warns that criminals will bet on users being desperate to retrieve their photos, emails and data on the blocked devices.