New Ransomware Focus-Robots?
Ransomware and its effect on the targets is well-known. This is being used as an attack tool in nearly all the industries. The use of ransomware has been noted in the water processing utilities, manufacturers, banks, retail industry, to just name a few. This is partially due to its ease of use and applicability to many of the attacks. The attack vector typically has been with phishing or its variant, spear phishing, and is not that complex. To add to the issue, the encrypting does not take a substantial amount of time. If a user has an email address, they are potentially a target.
The attackers have changed and updated their focus. The increased use of technology has provided additional targets. One of the new targets are the robots. These, although don’t have an email address, they however are connected to the internet. IOActive Labs researched vulnerabilities with the Softbank Robotics NAO and Pepper robots. These robots are used in industry and education venues. The attack was able to disrupt the robot operations. The curious twist with this application is the ransomware usually encrypts data, files, servers, and other areas the business needs to operate. This newest version, instead of targeting and encrypting these areas, to targeting the software used to operate the robots. The disruption continues until the ransom is paid.
Specifically, the attack operates to alter the default operations. This functions to disable all or a portion of the admin features. This also is able to elevate privileges, add or change the root password(s), and other options. This new attack speaks to the need to secure access and connectivity, not only from the enterprise, but also open IPs that are accessible.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.