Jackware: Malware that Can Hijack a Machine

As technology continues to evolve, so does the sophistication of malware to exploit it.  Manufacturing in particular has become familiar with Ransomware in recent years as a growing threat that has given rise to massive business and supply chain disruption.  Ransomware has traditionally targeted computer systems and networks with the goal of holding them hostage for payment, and has almost become an industry of itself for cyberattackers.  As technology has evolved to include more and more interconnected devices as well as devices with interconnected components, we are now seeing the rise of a new type of threat called Jackware. 

Jackware is different from Ransomware in that it has the capability to leverage vulnerabilities in embedded devices that are part of a broader ecosystem in order to take control of that device and cause disruption.  Examples include smart home systems, smart devices in offices, cars, or even critical infrastructure.  The goal of Jackware is no longer that of monetary gain, it exists solely to cause mayhem and disrupt people’s lives.  The clear and present danger to manufacturing lies in the growth of IoT devices, smart sensors, programmable logic controllers and human-machine interfaces.  Each of these represents a suite of embedded devices that are all connected to the internet and may all contain vulnerabilities, making them all potential targets.  Once a device is infected with Jackware, a hacker can potentially shut that device down or control it remotely, making it do things it is not supposed to do that could cause real disruption to manufacturing operations and real danger to people working there.

How can the industry protect itself from this new rising threat?  The answer is multi-faceted:

1. OEM’s need to design and integrate advanced security techniques into the IoT devices and interconnected systems within the machinery they build.  It’s crucial that manufacturers (CPG’s and OEM’s alike) consider all potential entry points for attackers within their equipment and take measures to protect those devices, such as:
2. Ensuring firmware and operating systems are up to date
3. Disabling unused radios or remote access protocols
4. Utilizing strong passwords and authentication mechanisms such as multi-factor

2. Carefully evaluate and deploy smart devices within your organization, and ensure that all interconnected devices conform to your security policies and best practices.  If you haven’t asked questions about how a smart device or machine has been secured, you need to go back and revisit that before an attacked takes advantage of a potential exploit.
3. Ensure that your IT-related cybersecurity bases are covered by:
4. Implementing a secure firewall with proper network segmentation
5. Utilizing an advanced anti-malware tool that can detect sophisticated threats such as ransomware and is a managed solution (meaning there is a security operations center monitoring the tool to actively detect and mitigate malware threats)
6. Administrative access is restricted to only those that require it

Lastly, if you haven’t developed an incident response plan, your business could be vulnerable to severe disruption in the event of a cyberattack.  Start planning how your organization will respond to an incident proactively, before something happens.