Cyber security experts are warning that over the past year they have noticed increasing numbers of people are falling victim to ransomware attacks on their connected devices.
Ransomware essentially involves a hacker gaining access to a person’s computer, smartphone, smartwatch, or any other connected device and holding them to ransom in order to regain access to the device or any personal information that’s been extracted from it.
Devices that contain personal information, photos, and emails are the most likely to be targeted, as you would expect, and the National Crime Agency and National Cyber Security Centre have said that the risk to businesses is “significant and growing.”
Naturally, large businesses and public figures with a guaranteed value are much more attractive targets than ordinary members of the public, though the risk is there for everyone.
In their joint report, the NCA and the NCSC have said the cyber crime is becoming much more aggressive. This is largely because the number of connected devices we own has rapidly increased, as has our reliance on them. The more devices loaded with personal information there are connected to the internet, the greater opportunity there is for criminals to target them.
There’s also the problem that the security built into these devices is limited and public understanding of online protection is limited.
The report from the NCA and NCSC, largely aimed at businesses, states that though “this data may not be inherently valuable, and might not be sold on criminal forums” there is the chance that “the device and data will be sufficiently valuable to the victim that they will be willing to pay for it.”
They foresee that “ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom.”
It’s also noted in the report there are concerns that as well as appealing to opportunist criminals who can use basic low-tech software to attack small business and members of the public, more sophisticated criminal gangs could use the very same high-tech tools used by nations to target financial institutions.
It’s expected that by 2020 there will be as many as 21 billion devices around the world connected to the internet.
The chief executive of the NCSC, Ciaran Martin, said that cyber attacks would continue to grow and evolve and that both public and private sectors would have to evolve themselves to reduce the threat and deter attackers.
The report in its final form will be published March 14 as the NCSC hosts its major cyber security conference called CyberUK in Liverpool.