Cyber attackers are increasingly breaching Internet-enabled medical devices using ransomware and this is likely to continue for the next two to four years, according to Intel Security’s recent McAfee Labs 2017 Threats Predictions Report.
According to the threat predictions report, in which Intel Security interviewed 31 security thought leaders, while it is not currently known why attackers are breaching medical devices that collect patient data, the attacks are happening and medical data is being exfiltrated.
“More ominously, medical devices that monitor and control human systems—including pacemakers, insulin pumps, and nerve stimulators—are all becoming Internet enabled. Unethical attackers will see these medical devices as the next step in their journey beyond hospital ransomware attacks. Hospitals are successful ransomware targets partly because they need immediate access to information. A pacemaker is an ultimate example of the need for immediate access, so attackers will attempt to find vulnerabilities in these devices as they become Internet enabled and will be able to extort a great deal of money if they are successful,” the report authors wrote.
The prediction about attacks on Internet-enabled medical devices is just one of 21 predictions in the report regarding Internet of Things (IoT) security threats, legal actions and vendor responses in the next four years.
According to the Intel Security report, IoT threats and breaches will prompt political and regulatory responses. “The speed of technology advancement will hinder effective legislation, and vice versa. Differing and even contradictory regulations among countries will make things more difficult for consumers, device manufacturers, and service providers,” the report authors wrote.
Intel Security’s researchers also note that it is possible that hackers understand the consequences of attacking hospitals and other critical infrastructure and pose the question of whether there is “honor among thieves.”
“After a recent ransomware attack on a California hospital, some members of the hacker community belittled the attackers as the “dumbest hackers ever, like they couldn’t hack anything else,” and “if someone were to die or be injured because of this it is just plain wrong.” As unlikely as it sounds, hackers usually have some degree of compassion. As financially appealing as some IoT attacks appear, the potential to cause injury or death will make some of them think carefully about their actions and limit the number and severity of attacks,” the report authors wrote.
Broadly, the Intel Security threat predictions report outlined 14 threat trends to watch in 2017. Intel Security researchers predict that ransomware will remain a significant threat and will peak in the middle of next year. “Ransomware-as-a-service, custom ransomware for sale in dark markets, and creative derivatives from open-source ransomware code will keep the security industry busy through the first half of the year,” the report authors wrote.
However, on a slightly positive note, the researchers predict that ransomware’s impact across all sectors and geographies will force the security industry to take decisive actions and the volume and effectiveness of ransomware attacks will subside in the second half of 2017. “We predict that initiatives like the No More Ransom! collaboration, the development and release of anti-ransomware technologies, and continued law enforcement actions will reduce the volume and effectiveness of ransomware attacks by the end of 2017,” the report authors wrote.
The 13 other industry-spanning threat predictions from Intel Security include”
- Vulnerability exploits on Windows cools down as other platforms heat up
- Hardware and firmware threats an increasing target for sophisticated attackers
- “Dronejacking” places threats in the sky – researchers cite an example of a drone outfitted with a full hacking suite that would allow it to land on the roof of a business and attempt to hack into the local wireless network
- Mobile threats to include ransomware, RATs, compromised app markets
- IoT malware opens a backdoor into the home
- Machine learning accelerates social engineering attacks
- The explosion in fake ads and purchased “likes” erodes trust
- Escalation of ad wars boosts malware delivery
- Hacktivists expose privacy issues
- Law enforcement takedown operations put a dent in cybercrime
- Threat intelligence sharing makes great strides. “The Cybersecurity Information Sharing Act provides legal foundations for sharing threat intelligence between the US government and the private sector, and between private sector organizations with liability protection extending to the sharing entities. With this liability protection now afforded them, American corporations are evaluating their sharing polices. We should see much more threat intelligence sharing in 2017,” the report authors wrote.
- Cyber espionage: industry and law enforcement join forces
- Physical and cyber security industries join forces
Regarding security challenges, the Intel Security report authors concluded, “Increasing our threat defense effectiveness throughout the security industry will be key to staying ahead of the adversaries. It is critical that multiple industry participants work together to solve big-picture problems that cannot be addressed by simple patches or software updates. We need to share information more broadly among industry leaders to not only give us greater volume and detail in telemetry, but also aid in deception techniques. By increasing our use of predictive analytics, improving security visibility with both organizational assets and decentralized data, and reducing our use of dedicated agents, we can increase our effectiveness in the threat defense lifecycle.”
