A Ransom Note From Your Coffee-Machine Is No Joke, But It's Not The Only Threat

06/04/2017 13:47 BST | Updated 06/04/2017 13:47 BST

Why have gadgets and devices suddenly become linked to cyber security and ransomware? Cyber criminals are not stupid - they are after your money, not the glory of hacking into your internet-connected coffee-maker or heating system.

It was a question addressed in a joint report from the UK's National Cyber Security Centre and National Crime Agency this month. Not only are cyber criminals more aggressive, say the authors, but the proliferation of connected devices is also providing them with more doorways to sneak through.

And instead of simply stealing money or information, many criminals find it easier and more profitable to encrypt your data and demand a ransom for releasing it back to you. The volume of these ransomware attacks has rocketed, with an estimated total cost to business of $1 billion. The perpetrators are also completely unsentimental and frequently target hospitals. It was only in January that England's largest NHS trust - Barts Health Trust - was hit with ransomware.

Even you or I, logging on to our laptops at home, can suddenly be confronted by the dreaded skull-and-crossbones insignia and a demand for payment in bitcoin in return for release of our own data. Last year it was reckoned that householders in the UK paid out £4.5 million in ransoms.

Where is this all going? Does good security practice require me to forego the pleasure of firing up the office coffee machine for my high-voltage espresso with a click of a button on my laptop? Do I have to consider whether it is necessary for six people to control the heating or security systems from their phones? I'm afraid the answer may well be yes.

Criminals find everyday devices easier to hack into than computers. Internet-connected smoke detectors and air conditioning systems were not primarily designed with security in mind, and very often the default factory passwords are never reset at installation. It means that once the device is compromised, the ransomware has immediate access to the Wi-Fi connecting the device to your home laptop or office network. From that point it will seek out your data and slam the door shut behind it. Then you have to pay up if you want to see it again, whether it's photos of your holiday in the Cairngorms or your entire customer database.

Is the removal of internet connections from kettles all that is required to defeat the hackers and their ransom demands? Certainly not. Despite all the talk about connected kettles and fitness devices, the great majority of ransomware gains access to your server or hard drive when you do something you probably do every day - click open an ordinary file like a Word document or a PDF. Once you click, malicious code hidden in the file's content or structure downloads the ransomware.

Just consider how many documents fly around from unknown sources. If you have a business and are recruiting, for example, you'll enjoy dozens of emailed CVs and covering letters from people you have never heard of (and may never wish to hear from again).

If we are to protect ourselves from ransomware we need to be smarter about what we let into our systems. Disconnect those risk-laden devices that do not have to be on your Wi-Fi network. If you do connect them, have the passwords changed. Be suspicious of the apps you download to your phone or tablet - check the reviews and make sure they are genuine and not doppelgangers created by criminals to record your keystrokes or open every gateway in your system.

It's important, too, to avoid software applications that are never updated. Almost all applications have some weak points that become apparent with use and require remedial updates. And most importantly, think seriously about email security. Just because nothing untoward has happened doesn't mean you can rely on traditional solutions like anti-virus, which has quickly become obsolete when dealing with the latest cyber threats.

We all need to set a new baseline for security and adopt new approaches and practices, because it is as clear as day that sticking with the old ways will not protect us from criminals with deviously clever ransomware or poisoned files. Every potential gateway needs to be slammed shut in their faces.