Skip to main content

Industrialising Blackmail: Privacy Invasion Based IoT Ransomware

Brierley, Calvin, Arief, Budi, Barnes, David J., Hernandez-Castro, Julio C. (2021) Industrialising Blackmail: Privacy Invasion Based IoT Ransomware. In: Tuveri, N. and Michalas, A. and Brumley, B.B., eds. Lecture Notes in Computer Science. Secure IT Systems. 26th Nordic Conference, NordSec 2021. 13115. pp. 79-92. Springer ISBN 978-3-030-91624-4. E-ISBN 978-3-030-91625-1. (doi:10.1007/978-3-030-91625-1_5) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided) (KAR id:92304)

PDF Author's Accepted Manuscript
Language: English

Restricted to Repository staff only until 12 November 2022.
Contact us about this Publication
[thumbnail of Preprint-Industrialising Blackmail_PrivacyInvasionBasedIoTRansomware.pdf]
PDF Publisher pdf
Language: English

Restricted to Repository staff only
Contact us about this Publication
[thumbnail of NordSec2021-PublishedVersion.pdf]
Official URL
https://doi.org/10.1007/978-3-030-91625-1_5

Abstract

Ransomware (malware that threatens to lock or publish victims’ assets unless a ransom is paid) has become a serious security threat, targeting individual users, companies and even governments, causing significant damage, disruption and cost. Instances of ransomware have also been observed stealing private data and blackmailing their victims. Worryingly, the prevalence of Internet of Things (IoT) devices and the massive amount of personal data that they collect have opened up another avenue of attack. The main aim of this paper is to determine whether privacy invasion based ransomware would be a viable vector for attackers to use on IoT devices. The secondary aim is to identify countermeasures that can be implemented to prevent such attacks from being used. To accomplish these aims, we examined how private data accessible via IoT devices could be obtained, processed and managed by a ransomware attacker. We identified a number of data sources on IoT devices that can be used to access private data, such as audio and video feeds. We then investigated methods to interpret such data in order to blackmail the device’s owner. We then produced proof of concept malware for multiple IoT devices, including an external “collator” that manages the valuable data collected, demonstrating that an attack could be performed at scale. This research shows that attackers can use the functionality of an infected device to invade the privacy of the device’s owner, as part of a ransomware attack. We have demonstrated that, given suitable infrastructure, attackers would be able to ransom users for values higher than the cost of the compromised device, as well as heavily damage the trust in the device itself, which would cause further negative impact on the device manufacturer. Finally, we highlight the need for proactive measures to deter this style of attack by applying the suggested countermeasures.

Item Type: Conference or workshop item (Proceeding)
DOI/Identification number: 10.1007/978-3-030-91625-1_5
Uncontrolled keywords: Security, Privacy, IoT, Ransomware, Malware, Cloud Services, Cybercrime, Blackmail
Subjects: Q Science > QA Mathematics (inc Computing science)
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Budi Arief
Date Deposited: 13 Dec 2021 19:02 UTC
Last Modified: 15 Dec 2021 10:20 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/92304 (The current URI for this page, for reference purposes)
Brierley, Calvin: https://orcid.org/0000-0001-8766-822X
Arief, Budi: https://orcid.org/0000-0002-1830-1587
Barnes, David J.: https://orcid.org/0000-0001-6073-0951
Hernandez-Castro, Julio C.: https://orcid.org/0000-0002-6432-5328
  • Depositors only (login required):