Ransomware May Target ‘Smart Cities,' Autonomous Cars For Bigger Payoffs

[Lucian Armasu]

Ransomware is now looking for higher-profile targets as it aims to collect more money for the people behind the malicious software. Smart city infrastructure could be one of its main targets, as well as autonomous cars that attackers can remotely hack.

Ransomware May Target ‘Smart Cities,' Autonomous Cars For Bigger Payoffs : Read more

 

[problematiq]

Well, they are ransoming a 30GB database from the San Francisco Metro subway for 73k in bitcoin.

 

[valeman2012]

Ransoming is not successful in such high level agency. They already restoring their services.

 

[valeman2012]

Not to note SF is a Higher Tech area.

 

[problematiq]

Ransoming is not successful in such high level agency. They already restoring their services.

Sometimes, in the case of the subway it's a matter of the database containing information on employee's as well as other sensitive data. There was a string of hospitals that were infected with ransomware and the hospital paid in the end just to get services up and running. Just having offline backups is no longer a "fool-proof" way to prevent being down from ransomware. We have seen ransomware that infects backups and sits and waits before encrypting. THAT BEING SAID! You are correct in that your typical ransomware is not likely to take down an entire city, maybe state actor backed ransomware though.

 

[firefoxx04]

Anyone who believes ransomware is not successful (and profitable) has not been paying attention. Those guys bring in some much revenue that they have actually switched to a customer service oriented approach, call centers and everything to make paying your ransome as easy as possible.

 

[Art_8_]

If you think they will go after your smart car for a few hundred $$ to unlock it from ransomware then you fail to see the real potential. More like if you don't sign over your entire bank account(s) within the next 6 minutes they will drive your wife/kids etc off a cliff or into a train is more like how they will do it. and after a few high profile cases of that actually happening emptying a bank account to save the entire family, maybe even yourself if you are also in the car will seem like a bargain. Especially if insurance will cover it.

 

[targetdrone]

Or maybe don't connect your car to the internet.

The NOC list at CIA Headquarters in Langley can't be hacked remotely because its on a isolated mainframe in a secured room with no outside communication.

The toilets on the Galactic were manual flush instead of wifi/bluetooth to keep the Cylons from hacking the toilet then flushing all the Oxygen from the ship. Every system on the bridge was isolated to keep the hack of 1 system from affecting another.

 

[problematiq]

Or maybe don't connect your car to the internet.

The NOC list at CIA Headquarters in Langley can't be hacked remotely because its on a isolated mainframe in a secured room with no outside communication.

The toilets on the Galactic were manual flush instead of wifi/bluetooth to keep the Cylons from hacking the toilet then flushing all the Oxygen from the ship. Every system on the bridge was isolated to keep the hack of 1 system from affecting another.

Air Gapped does not mean secure. If you look at Stuxnet, it hopped and air gapped network and still managed to do it's job just fine. Don't get me wrong, it does make it more difficult for malicious actors to get into, but not impossible.

 

[RomeoReject]

What's Seal Team 6 doing these days? I have an idea for how to solve the ransomware plague.

 

[targetdrone]

Or maybe don't connect your car to the internet.

The NOC list at CIA Headquarters in Langley can't be hacked remotely because its on a isolated mainframe in a secured room with no outside communication.

The toilets on the Galactic were manual flush instead of wifi/bluetooth to keep the Cylons from hacking the toilet then flushing all the Oxygen from the ship. Every system on the bridge was isolated to keep the hack of 1 system from affecting another.

Air Gapped does not mean secure. If you look at Stuxnet, it hopped and air gapped network and still managed to do it's job just fine. Don't get me wrong, it does make it more difficult for malicious actors to get into, but not impossible.

What is more worried some, a 2017 car being hacked by hackers on the other side of the global because it has always on internet with no security to speak of or someone breaking into a garage to reprogram the ECM of a 1999 Toyota and install a wireless comm system to control it remotely.

 

[problematiq]

Or maybe don't connect your car to the internet.

The NOC list at CIA Headquarters in Langley can't be hacked remotely because its on a isolated mainframe in a secured room with no outside communication.

The toilets on the Galactic were manual flush instead of wifi/bluetooth to keep the Cylons from hacking the toilet then flushing all the Oxygen from the ship. Every system on the bridge was isolated to keep the hack of 1 system from affecting another.

Air Gapped does not mean secure. If you look at Stuxnet, it hopped and air gapped network and still managed to do it's job just fine. Don't get me wrong, it does make it more difficult for malicious actors to get into, but not impossible.

What is more worried some, a 2017 car being hacked by hackers on the other side of the global because it has always on internet with no security to speak of or someone breaking into a garage to reprogram the ECM of a 1999 Toyota and install a wireless comm system to control it remotely.

I can't see someone installing wireless on a 1999 toyota, and it's not likely that the wireless would do you much good. The article is talking about smart city's so i suspect it's more likely talking about ransomware infecting your water treatment, power, traffic lights, etc.

 

[falchard]

A crypto-currency like BitCoin has to be the stupidest currency to conduct this type of business with. Every BitCoin transaction is written to the block chain as long as the Internet is online. It is one of the most traceable currencies to conduct business in. The only anonymity it provides is the stupidity of investigators in not exploring the transactions.

 

[valeman2012]

Looks like the Hacker (rasomeware user) got hacked

 

[problematiq]

A crypto-currency like BitCoin has to be the stupidest currency to conduct this type of business with. Every BitCoin transaction is written to the block chain as long as the Internet is online. It is one of the most traceable currencies to conduct business in. The only anonymity it provides is the stupidity of investigators in not exploring the transactions.

You are partly correct. Every transaction is traceable, just the accounts are not. We can see the ransom being paid to a single account, then get transferred to thousands of other wallets, then eventually end up in the "Hacker" (most likely a script kiddy) Wallet. The problem is there is no information attached to the wallet except what country it was opened in. (use a VPN and open a wallet in another country.)