What Happens When Ransomware and the Internet of Things Collide?

May 3rd, 2017 by Guillermo Fernandez

In 2016, Ransomware attacks made alarming headlines, affecting every kind of business from hospitals to police stations. Last year, too, hacks of Internet of Things (IoT) devices (home appliances, toys, cars and more) were making headlines. Many information security professionals are anticipating the convergence of both attack methods and preparing for the implications of an IoT Ransomware attack in the future.


The Internet of Things is home to powerful, significant systems in addition to consumer-level devices. Public school security, medical devices such as pacemakers, HVAC building systems, city street lights… What happens when a criminal holds these for ransom?

Ransomware usually targets computers and networks that house mission-critical data necessary to maintain the day-to-day operations of a business. Although many IoT devices don’t qualify as mission critical, those that perform critical functions will likely become vulnerable to more sophisticated, widespread and potentially catastrophic attacks. Hijackers of IoT devices can not only compromise data collected through a device’s sensors, they can also render a critical device’s physical functions inaccessible, greatly increasing the chances that a victim will pay up.


Most IT professionals will need to up their game to prepare for the multiple layers of challenges to IoT security. For instance, the Internet of Things is like BYOD and remains uncontrolled in many companies. The multiple device types and the many vendors providing them add a variety of security baselines, often thought about after deployment rather than incorporated into the design plan. There is no simple way to apply patches to all devices. Many IoT device passwords are never changed, and some are hard-coded and cannot be changed… and in general, criminals often have more resources than many companies do. With all of that and more in the mix, how can a company protect its network?


  • Establish Controls on the Company Network

    Who can add a device to the network? Assign the responsibility to someone who is capable of evaluating the security of the devices as well as how those devices will impact the network.

  • Create and Follow Minimum Security Standards

    Disable the default credentials and create a new user for the device administrator. Close unused ports and disable unused services.

  • Take Advantage of the Security Features on the Devices

    It may be a nuisance to take the extra couple of steps to log into a camera or a thermostat, but it’s worth it to secure these devices.

  • Organize the Management of Devices

    Inventory the network, document the approved devices, and remove any device that is not both necessary and approved. Set up the management of remaining devices in a single ‘pane of glass’ if possible. Schedule recurring update checks on all of the devices and install updates as needed. Document and keep copies of any custom configurations of your devices.

  • Secure the Devices with a Perimeter Firewall

    In addition, use network security specifically for these smart devices, if necessary.
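
The inventory and minimum-standard checks in the list above can be automated. The following is an added example, not code from the article or from any vendor: it compares a discovered-device list against an approved register and reports each gap. The MAC addresses, port sets, 30-day update window and the `default_creds` flag (assumed to be recorded by whoever reviews the device) are all constructed for illustration.

```python
from datetime import date, timedelta

MAX_UPDATE_AGE = timedelta(days=30)   # assumed policy value
AUDIT_DATE = date(2017, 5, 3)         # constructed "today" for the sample data

# Constructed register of approved devices: MAC -> name and ports it may expose
APPROVED = {
    "00:11:22:33:44:01": {"name": "lobby-camera", "ports": {443}},
    "00:11:22:33:44:02": {"name": "hvac-controller", "ports": {443, 502}},
    "00:11:22:33:44:03": {"name": "thermostat", "ports": {443}},
}

# Constructed results of a network inventory pass
DISCOVERED = [
    {"mac": "00:11:22:33:44:01", "open_ports": {23, 443},
     "default_creds": True, "last_update_check": date(2017, 4, 28)},
    {"mac": "00:11:22:33:44:02", "open_ports": {443, 502},
     "default_creds": False, "last_update_check": date(2017, 1, 15)},
    {"mac": "00:11:22:33:44:99", "open_ports": {80},
     "default_creds": False, "last_update_check": None},
]

def audit(discovered, approved, today):
    """Return (mac, finding) pairs for every deviation from the standard."""
    findings, seen = [], set()
    for dev in discovered:
        mac = dev["mac"].lower()
        seen.add(mac)
        entry = approved.get(mac)
        if entry is None:
            # Not in the register: nobody evaluated it before it joined
            findings.append((mac, "unapproved device: remove or review"))
            continue
        extra = dev["open_ports"] - entry["ports"]
        if extra:
            findings.append((mac, f"unexpected open ports: {sorted(extra)}"))
        if dev["default_creds"]:
            findings.append((mac, "default credentials still enabled"))
        last = dev["last_update_check"]
        if last is None or today - last > MAX_UPDATE_AGE:
            findings.append((mac, "update check overdue"))
    # Approved devices that did not show up may be offline or replaced
    for mac in sorted(approved.keys() - seen):
        findings.append((mac, "approved device missing from network"))
    return findings

if __name__ == "__main__":
    for mac, finding in audit(DISCOVERED, APPROVED, AUDIT_DATE):
        print(f"{mac}  {finding}")
```
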

NextGen Firewalls from Barracuda and Van Ausdall & Farrar, Inc.

Maintaining reliable backups is key to recovering data from a Ransomware attack. NextGen Firewalls protect a single office or a central office with multiple branch offices and IoT endpoints. The Barracuda NextGen Firewalls F-Series is a family of hardware, virtual and cloud-based appliances designed to secure intelligent perimeters and dispersed network infrastructures. The F-Series cloud-ready firewalls offer a suite of powerful and robust features, including the capability to secure Machine-2-Machine connectivity and the Internet of Things.
