Forescout Venture Labs develops PoC IoT ransomware
Forescout’s Venture Labs has published a proof-of-concept study demonstrating how IoT devices can be vulnerable to next-generation ransomware.
The R4IoT (Ransomware for IoT) study predicts that IoT devices will be the next threat vector, serving as pivot points for penetrating the larger corporate network.
According to the researchers, the rapid proliferation of IoT devices in use by many organisations, coupled with the rise of supply chain vulnerabilities, is exponentially increasing their risk posture to these emerging threats.
Venture Labs Head of Security Research Daniel dos Santos said the plethora of ransomware attacks in 2021 is part of a growing trend involving large ransomware gangs performing ransomware as a service, and crippling the operations of multiple types of organisations simultaneously to maximise their impact.
“R4IoT is the first work to analyse how ransomware impacts IoT for these domains and delivers a full proof of concept from initial access via IoT to lateral movement in the IT network, and subsequent impact on the OT network,” he said.
“Threat actors are exploiting a broader threat surface than before and we see hacking groups discuss IoT access on forums today. It has become imperative to arm organisations with knowledge to extend their proactive defences and ensure IoT devices have adequate segmentation from their critical IT and OT infrastructure.”
Australian businesses adopting AI at a rapid pace
New research published by AWS indicates that an Australian business is adopting AI an average of...
ISACA launches AI-centric certification for security professionals
The Advanced in AI Security Management (AAISM) certification focuses on the implement AI...
ACS backs digital productivity vision but urges action on AI regulation
Rather than promoting a wholesale rethink of AI regulation, ACS is calling for parallel progress,...
