Security News

2016: The year of spying microwaves and hijacked cars

Gagan Singh, 28 January 2016

2016: Internet-connected devices will spell out your life to anyone who’s curious

The security stakes only seem to be rising when it comes to the threats that affect us as modern-day consumers. In 2015, society has gotten a taste of what the future might look like with the rise of Internet-connected devices. While we’ve now become accustomed to our smartphones, the possibilities for both users and hackers are growing exponentially when it comes to gadgets and systems that comprise the budding Internet of Things (IoT).

We often forget about many of the devices that, in reality, fit into the “smart” category. Smart devices and gadgets can include anything from thermostats to microwaves, smart locks to smoke detectors to children’s toys. Since we make use of these gadgets in our daily tasks and endeavors, an attack on their security could result in dire threats to our privacy and security.

Smart devices, such as household appliances, cars and wearables are basically our life companions. Unlike a smartphone, which holds information about our communications, contacts, photos and videos, smart devices reveal more specific information about our behavior, such as our driving, fitness, and cooking habits, or our children’s learning behavior.

This provides optimal opportunities for hackers to target personal data, including information collected by wearable, Internet-connected devices. What’s more, this data can be used by governments for law enforcement purposes and for businesses, like insurance companies, to restrict payments or medical procedures from people who may have previously made unwise financial or health-related decisions. This year, we could see the first country enact a law that would give certain industries authorization to exploit consumer data through information collected by smart devices.

Ransomware that could turn your devices against you

Over the past year, we have seen a list of notable mobile threats that put people’s privacy at risk. Previously unseen vulnerabilities surfaced, such as Certifi-gate and Stagefright, both of which can be exploited to spy on users. Certifi-gate put approximately 50 percent of Android users at risk, and Stagefright made nearly 1 billion Android devices vulnerable to spyware. In 2015, for the first time, cybercriminals were able to attack users on a vast level.

Another mobile threat on the rise in 2015 was mobile ransomware, using asymmetric cryptography, making it nearly impossible to recover the encrypted data on a smartphone. The most common mobile threats in 2015 were adware — often apps disguised as fun gaming apps that provide little value and spam users with ads. We believe that 2016 will be the year in which we see threats moving from smartphones to smart homes — and beyond.

Total number of attacks on Android devices that Avast has detected in 2015 Total number of attacks on Android devices that Avast has detected in 2015

We already know how dangerous ransomware can be — this aggressive malware family locks individuals out of their devices and renders them useless, leaving users with little choice other than to pay a specified amount of money demanded by hackers in order to regain access to their device. On a smartphone, a factory reset helps to remove the ransomware, and if the user has conducted a backup, the harm is minor. However, if and when ransomware makes its way into the IoT sphere, we must be prepared in order to prevent our own devices from being manipulated and turning against us.