Page 34 - Cyber Warnings
P. 34







Austrian Hotels Ransomware Run-In Highlights IoT

Vulnerabilities


By Alexandre Cagnoni




We’re seeing it everywhere… from
lightbulbs and refrigerators to cars and
homes… the ongoing adoption of IoT
(Internet of Things) in everyday items is on
a trajectory with one speed: fast. But with
that remarkable innovation comes some
ever-increasing concerns.

IoT is meant to bring new levels of
convenience and knowledge for both
consumers and corporations. It arms us with
new capabilities as well as countless clever
new insights on energy, food, security, transportation and health… just about everything. And
even though IoT is on a speedy path to hit every aspect of our lives at some point, a recent IoT-
related ransomware run-in at a hotel in Austria illustrates how IoT opens up new vulnerabilities
that even stretch into remote mountainside retreats where people usually go to rid themselves
of the usual stresses in life.

In late January, we learned that the nearly $400-a-night Seehotel Jaegerwirt, located far in the
Austrian Alps within the village of Turracher Höhe, became one of the latest intriguing cases of
IoT leading to a ransomware attack. The press was immediately abuzz with rumors of self-
locking hotel rooms in the hotel. It turns out that was not exactly what happened. But we will
also explain how that’s only the beginning of the story.

Today, people can lock and unlock their home’s front door using a mobile app, remotely turn on
your car on a cold morning, control the temperature in your home or at the office… the
applications are endless. It’s all about convenience, but what about security? IoT’s success is
rooted in the assumption that only the intended or authorized user would interface with the IoT-
enabled device or system. What happens if someone breaches the system that controls the
various devices? Just one small example would be a Trojan being placed on a mobile device
and thus gaining access to your seemingly benign devices that turn out to be not so benign
once their controlled by someone else.

That’s all too true when we see examples of vehicle brakes being remotely controlled by
hackers. And last October the attack on Dyn created a major Internet outage – all from
cybercriminals that used vulnerabilities on IoT devices. So not only are the devices themselves


34 Cyber Warnings E-Magazine – April 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide

   29   30   31   32   33   34   35   36   37   38   39