Cyber Bytes: Why Ransomware and Jackware Matter to Your Business
Smart connectivity is a feature of nearly every machine manufactured today, from critical infrastructure to cars, mass transit, health care, homes, office buildings and equipment. And just like a computer, smart machines (aka the Internet of Things or IoT) are also vulnerable to malware attacks.
When a threat actor launches a ransomware attack on your computer or network, they usually scramble (encrypt) your data and demand a ransom payment before giving you the code to unscramble (decrypt) it. Jackware is another type of cyber threat that has now arrived on the scene.
Like ransomware, jackware infects a host computer and renders it inoperable or inaccessible. But jackware isn’t always about cash demands. Jackware is about inflicting chaos simply for sport, activating malicious code across connected systems and leaving deactivated computers and other machinery in its wake.
Ransomware and jackware are two sides of the same malware coin
Ransomware and jackware operate similarly, exploiting weak cybersecurity and injecting malicious code onto a machine.
- Ransomware initially scrambles networks and data, but returns system functionality after the victim pays the ransom.
- Jackware inserts malicious code and then hijacks the entire network, shutting down integral processes or disabling every connected machine, sometimes inflicting permanent damage (aka bricking).
Jackware might seem like science fiction, but it’s not. It’s already a part of history.
Here are some real-life examples of smart machines being attacked by jackware.
In 2014, cyberattackers took control of a blast furnace inside a German industrial plant, raising the furnace temperature past 2,000 degrees and causing part of the plant to burn down. According to a PropertyCasualty360 article, hackers used a spear-phishing scam targeting upper-level employees. The malicious code attachments eventually allowed them access to the building’s heating, ventilating and air conditioning system.
Most luxury vehicles rely on 100 semiconductor chips to operate, including for their connectivity features. It’s not much of a stretch to imagine where jackware would go.
In 2015, Wired magazine demonstrated two hackers remotely taking over a car. At first, they just engaged the windshield wipers and other gadgets, but things got real when they killed the engine while the car was on the highway. They later unlocked the vehicle, took over the steering wheel and deactivated the brakes.
Some cybersecurity experts are already contemplating jackware as a holdup mechanism, like taking over a vehicle and requiring cash on the spot to unlock it.
No matter the modus operandi, hijacking a single device or an entire network is proven and probable.
Who are the targets?
Any business connected to the internet or an intranet is susceptible to ransomware and jackware attacks.
Even though the ransom isn’t as high as it would be for a larger company, small to midsize businesses are easier targets for ransomware because many lack cybersecurity and response planning teams. A threat actor will play the odds for guaranteed, consistent payouts.
Jackware can infect any embedded device or computer connected to a more extensive network. Jackware can target:
- Water processing plants
- Oil and gas companies
- Shipping companies
- Hospital computers
- Energy grids
- Mass transit systems
- Fleet communication and truck route planning systems
- Manufacturing plants and assembly lines
- Processing plants
Smaller businesses are attractive targets
Hackers target small to midsize businesses because they:
- Don’t patch or maintain their network security (weak security firewalls and password protocols)
- Don’t train their staff (untrained employees are more likely to fall for scams)
- Don’t back up their network data (nonexistent data backups leave businesses no option but to pay ransom demands)
- Don’t have cyberattack response plans
- Don’t have information technology (IT) departments
- Don’t know how to correct a security breach after a hack, leaving them vulnerable to more attacks
Things you can do
Think of your networks and software like you would building maintenance. Stay on top of issues and don’t leave the building unlocked:
- Change your default router settings.
- Create division in your network (such as one Wi-Fi password for smart devices and another for guests).
- Understand how your smart devices are secured (if at all).
- Disconnect smart devices when they’re not needed.
- Use strong passwords and multifactor authentication.
- Avoid using Universal Plug and Play to connect networked devices like printers, copiers and TVs. (Ask your IT team to verify whether it’s used on your network.)
- Update your software.
- Implement a cybersecurity protocol and threat response plan.
- Secure your IoT machinery.
- Take the Ransomware Quiz from the Federal Trade Commission.
- Get cyber liability insurance.
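For the Universal Plug and Play item in the list above, here is an added example (not part of the original article) that an IT team could run on its own network to see which devices answer UPnP discovery. The function names and the inventory layout are illustrative assumptions.

```python
import socket

SSDP_ADDR = ("239.255.255.250", 1900)  # standard SSDP multicast group and port
M_SEARCH = (b"M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
            b'MAN: "ssdp:discover"\r\nMX: 2\r\nST: ssdp:all\r\n\r\n')

def parse_ssdp_response(data: bytes) -> dict:
    """Parse one SSDP reply into a dict keyed by lower-cased header name."""
    lines = data.decode("utf-8", errors="replace").splitlines()
    if not lines or not lines[0].startswith("HTTP/1.1 200"):
        return {}  # not a successful discovery reply
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def summarize(replies):
    """Group (ip, raw_reply) pairs into one inventory entry per responding IP."""
    inventory = {}
    for ip, raw in replies:
        h = parse_ssdp_response(raw)
        if h:
            entry = inventory.setdefault(
                ip, {"server": h.get("server", "unknown"), "services": set(), "gateway": False})
            st = h.get("st", "")
            entry["services"].add(st)
            # An InternetGatewayDevice reply means the router offers UPnP port mapping.
            entry["gateway"] = entry["gateway"] or "InternetGatewayDevice" in st
    return inventory

def discover(timeout: float = 3.0):
    """Send one M-SEARCH on the local network and inventory whatever answers."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(M_SEARCH, SSDP_ADDR)
            while True:
                data, (ip, _port) = s.recvfrom(4096)
                replies.append((ip, data))
        except OSError:  # timeout ends collection; also covers "no network"
            pass
    return summarize(replies)

if __name__ == "__main__":
    for ip, info in sorted(discover().items()):
        print(ip, info["server"], "GATEWAY" if info["gateway"] else "", sorted(info["services"]))
```

An empty result on each network segment means nothing there answers UPnP discovery. Any address that is listed is a device to review, and a `GATEWAY` entry means UPnP is enabled on the router itself.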
If you experience a cyberattack:
- Contact your IT team or a cybersecurity expert.
- Alert your local authorities.
- Report the attack to the U.S. government.
- Call your insurance agent as soon as possible (if you have a cyber liability policy).
Talk to your agent about your cyber liability
A cyber liability policy can help you with next steps after a cyberattack, including forensic data analysis to track down the malicious code used in the attack. Call your agent to find the right cyber protection for your operations.