Skip to main content
Kent Academic Repository

Industrialising Blackmail: Privacy Invasion Based IoT Ransomware

Brierley, Calvin, Arief, Budi, Barnes, David J., Hernandez-Castro, Julio C. (2021) Industrialising Blackmail: Privacy Invasion Based IoT Ransomware. In: Tuveri, N. and Michalas, A. and Brumley, B.B., eds. Lecture Notes in Computer Science. Secure IT Systems. 26th Nordic Conference, NordSec 2021. 13115. pp. 79-92. Springer ISBN 978-3-030-91624-4. E-ISBN 978-3-030-91625-1. (doi:10.1007/978-3-030-91625-1_5) (KAR id:92304)

PDF Author's Accepted Manuscript
Language: English
Download this file
[thumbnail of Preprint-Industrialising Blackmail_PrivacyInvasionBasedIoTRansomware.pdf]
Request a format suitable for use with assistive technology e.g. a screenreader
PDF Publisher pdf
Language: English

Restricted to Repository staff only
Contact us about this Publication
[thumbnail of NordSec2021-PublishedVersion.pdf]
Official URL:


Ransomware (malware that threatens to lock or publish victims’ assets unless a ransom is paid) has become a serious security threat, targeting individual users, companies and even governments, causing significant damage, disruption and cost. Instances of ransomware have also been observed stealing private data and blackmailing their victims. Worryingly, the prevalence of Internet of Things (IoT) devices and the massive amount of personal data that they collect have opened up another avenue of attack. The main aim of this paper is to determine whether privacy invasion based ransomware would be a viable vector for attackers to use on IoT devices. The secondary aim is to identify countermeasures that can be implemented to prevent such attacks from being used. To accomplish these aims, we examined how private data accessible via IoT devices could be obtained, processed and managed by a ransomware attacker. We identified a number of data sources on IoT devices that can be used to access private data, such as audio and video feeds. We then investigated methods to interpret such data in order to blackmail the device’s owner. We then produced proof of concept malware for multiple IoT devices, including an external “collator” that manages the valuable data collected, demonstrating that an attack could be performed at scale. This research shows that attackers can use the functionality of an infected device to invade the privacy of the device’s owner, as part of a ransomware attack. We have demonstrated that, given suitable infrastructure, attackers would be able to ransom users for values higher than the cost of the compromised device, as well as heavily damage the trust in the device itself, which would cause further negative impact on the device manufacturer. Finally, we highlight the need for proactive measures to deter this style of attack by applying the suggested countermeasures.

Item Type: Conference or workshop item (Proceeding)
DOI/Identification number: 10.1007/978-3-030-91625-1_5
Uncontrolled keywords: Security, Privacy, IoT, Ransomware, Malware, Cloud Services, Cybercrime, Blackmail
Subjects: Q Science > QA Mathematics (inc Computing science)
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Budi Arief
Date Deposited: 13 Dec 2021 19:02 UTC
Last Modified: 04 Jul 2023 13:57 UTC
Resource URI: (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.