In a time of high stress, especially on those businesses having to adapt to massive change in their internal organizational structure, ransomware can have easier access to the connected devices that are required for continued operation: this is already being evidenced, with tragic inevitability, in hospitals, where websites have gone down and test results have been delayed. Czech News Agency (ČTK) reports that as a result of a suspected ransomware attack on a hospital in Brno, computer systems “had to be shut down” after “failing gradually”.
So not only financial but operational processes can be targeted, assets shut down, especially IoT enabled devices that are not up to date on operating systems and security patches, or that are being monitored remotely from computers without adequate protection. A kind of game theory obtains here: as a recent article in IOT World points out, businesses are more likely to pay ransoms to release themselves and continue operations when they are under such immediate pressure to continue operations, and when the police force is otherwise engaged.
For businesses like ours that operate mostly online, without any vulnerable legacy technology, or vulnerable hardware that could be damaged, the threat is one to take seriously. But for others with vulnerable platforms it must become a top priority to monitor for anomalous or unaccredited access. If an employee or contractor clicks by mistake on a malicious email link, following guidance for COVID-19, and has their remote access credentials stolen, it would be possible for a hacker to disrupt or otherwise compromise hardware, as we saw with the famous (and nearly decade old) Stuxnet attack, or the more recent WannaCry attack on the NHS.
In addition, there are a number of weak points in the traditional “smart home” infrastructure, and with more people working from home, the security of smart lights, speakers, thermostats and so on becomes a potential entry point for malware targeting business operations. Again, denial of service attacks (DDoS) could be used to extort money from businesses that need urgently to continue operations. In their 2020 Cyber Threats Report, SonicWall chart the instances of cyberattack around the world, noting that while traditional ransomware had decreased in 2019 (down by 8% on the previous year), the volume of IoT malware attacks had increased, as had encrypted threats, intrusion attacks and app-based attacks. They note in particular that ‘soft’ targets like smart home devices had become, increasingly, the main target of attackers, a trend that as we have explained is liable to continue and perhaps increase.
So far we have seen only a few suspicious text messages and email alerts, none of them successful. But over the coming weeks and months, all of us in the IoT world must be more than usually vigilant, and rely not only on the most up to date malware protection but on our own alertness and judgement.
 Brian Buntz, “Cybersecurity Crisis Management During the Coronavirus Pandemic”, IoT World Today, 24 March 2020