Another Black Hat USA conference has come and gone, but, much like every year, a lot of incredible insights remain. And McAfee was a major contributor to those insights. Our presenting researchers offered several great demonstrations this year, but three sessions stood out particular for their insight into future ransomware scenarios:
- Enjoy Your Coffee, Pay Me for Your Business — This session gave a few great examples of just how damaging the combination of ransomware and the Internet of Things can be. For example, our researchers presented attacks ranging from controlling IoT-connected lights (which would flicker until a victim paid a ransom) to using rogue Wi-Fi access points to infect a targeted organization’s smartphones. These infected smartphones could then be used to cripple office systems, networks or hold access to critical files hostage.
- Your Home is Hacked… Pay Me! — This yet-to-be-publicly-released session detailed a scenario of how ransomware could affect, and infect, a smart home. Our researchers were able to show how we could identify a vulnerability in a home automation appliance and execute an exploit of the vulnerability — even if it’s been patched — allowing an attacker to plant ransomware or malware on the device. More on that session soon…
- I’m Watching You Through Your Car Wi-Fi — Our researched also presented a ransomware scenario for smart cars. Through an exploit targeting auto-entertainment system hubs, our teams were able to show how an attacker could track the location of a targeted car and harass the target-car’s owner through status messages. This, of course, could last until the car owner paid a ransom.
The rise of the Internet of Things (IoT) and ransomware are two of the biggest security stories in years. We’re looking forward to contributing more towards consumer safety in these arenas.
We also announced a few promising partnerships at Black Hat 2016. For example, we’re partnering with CompuCom to help alleviate companies burdened by the cybersecurity skills shortage. To do this, CompuCom is deploying McAfee Enterprise Security Manager as its SIEM tool as a completely cloud hosted and delivered solution. This will enable CompuCom to respond to client needs quickly and inexpensively. You can read more about that deal here.
A big hats-off to everyone who helped make Black Hat 2016 a huge success! We certainly learned a lot during our time at one of the largest annual cybersecurity events, and we hope we’ve imparted a lot of valuable cybersecurity information to our session attendees. ‘Till next year!