Ransomware incidents involve cybercriminals compromising their victims’ computers or servers with malware and demanding large payments to restore the technology (as well as any files or data stored on it). They have often been considered one of the most damaging cyber attack methods. While these incidents are certainly a significant and growing problem, another emerging malware-based cyber attack method, known as jackware incidents, has the potential to wreak even greater havoc on businesses of all sizes and sectors.
Rather than blocking access to critical information, jackware incidents consist of cybercriminals hijacking victims’ embedded systems via malware. These systems refer to specialized computer software that serves specific functions in larger machines. Embedded systems are found in virtually all internet-connected devices (eg phones, laptops, tablets and smart cars and refrigerators) and advanced industrial machines. After hijacking these systems, cybercriminals can cause their victim̵7;s compromised technology to malfunction or completely shut down, potentially creating business disruptions, causing major physical damage, and even putting individuals’ safety at risk. Similar to ransomware incidents, cybercriminals may demand substantial payments during jackware cyberattacks before recovering victims’ devices.
As a growing number of companies in various industries rely on embedded systems to perform critical operations, jackware incidents can become increasingly common and serious. With this in mind, it is critical for businesses to understand and effectively address this cyber attack method. This article provides additional information on the potential consequences of jackware cyber attacks, describes recent real-world examples of these incidents, and offers preventative measures for businesses to consider.
Consequences of Jackware Incidents
Embedded systems play a key role in a wide range of critical business services and activities. These systems have been implemented in virtually all sectors through the use of smart technology and automated machinery. Such systems are particularly common in critical infrastructure, healthcare and public transport. Having these systems compromised by jackware cyber attacks can result in serious consequences for affected businesses.
Here’s a breakdown of significant consequences companies can face from having their embedded systems hijacked during jackware incidents:
- Interruption problem—When taking control of enterprise embedded systems, cybercriminals can shut down certain devices or render them unusable, bringing all operations dependent on this technology to a standstill. For example, a manufacturing company may be forced to stop its product assembly line if a critical piece of machinery used during the assembly process stopped working. These outages can last for a few hours or last for several days. Without the ability to use critical technology for extended periods of time, businesses can experience significant delays and lost revenue. If unable to restore hijacked devices, businesses may even have to pay for technical repairs or replacements to continue operating.
- Error problem—In addition to shutting down embedded systems, cybercriminals can also intentionally cause companies’ technology to malfunction or malfunction amid jackware incidents. For example, a restaurant that uses smart refrigerators to store food at the right temperature could run into problems with spoilage or inadvertently serve unsafe meals to customers if its technology is tampered with. In addition to causing extensive physical damage, such failures can negatively impact companies’ productivity levels, increase their liability exposures, and potentially lead to product recalls.
- Security risks—In some cases, cybercriminals can compromise companies’ embedded systems in ways that threaten the security of others. For example, a hospital that utilizes medical technology may end up giving wrong diagnoses or wrong treatment to patients if its devices are hacked. In addition, a transport company using vehicles equipped with smart devices may face increased accident risks on the road if its technology is disrupted. These incidents can be particularly devastating and result in serious emotional harm, physical injury or death.
Ultimately, the serious consequences of jackware cyber-attacks show how devastating these incidents can be for affected businesses. As a result, some cybersecurity experts have coined jackware “ransomware’s more dangerous cousin.”
Examples of Jackware incidents
Several notable jackware cyber attacks have occurred worldwide. Some of these incidents include:
- The blast furnace incident— In 2014, cybercriminals gained control of the embedded systems of a blast furnace at a steel manufacturing facility in Germany. In doing so, the cybercriminals caused the furnace to overheat and burn down a significant portion of the facility. The incident forced the facility to close its doors permanently.
- The vehicle hacking incident— In 2015, cybersecurity researchers remotely hacked the onboard systems of a Jeep Cherokee while it was on the road in the United States. Although this particular incident was only a test conducted for informational purposes, it demonstrated the various ways in which cybercriminals could compromise vehicles equipped with smart devices. Such incidents can result in damage as minor as a malfunctioning radio or as serious as disabled brakes.
- Medical technology incident— In 2018, cybercriminals targeted the embedded systems of various medical imaging devices (such as MRI and X-ray machines), temporarily taking control of this technology and compromising the operations of several global healthcare providers. The incident was widely believed to be an act of cyber espionage.
- The Trickbot Incident— In 2020, cybersecurity researchers discovered that a well-known malware platform called Trickbot had begun testing whether the embedded systems of computers—namely, basic input or output systems (BIOS) and United Extensible Firmware Interface (UEFI) software—were vulnerable to hijacked. Looking ahead, it is possible that cybercriminals could exploit this malware to remotely compromise the BIOS or UEFI software of victims’ computers and ultimately take control of their devices.
Given these incidents and their related consequences, it is clear that companies should take steps to prevent and reduce potential losses from jackware cyber attacks.
Actions that companies can take
Companies should consider the following measures to effectively avoid and minimize damage resulting from jackware incidents:
- Train employees. Educate employees about what jackware cyber attacks are and what they can do to prevent them. In particular, employees should be instructed to never click on suspicious links or download attachments from unknown senders on workplace devices, as this can trigger malware infections and allow cybercriminals to more easily carry out jackware incidents.
- Ensure effective authentication protocols. Use the principle of least privilege by only giving employees access to technology that they need to perform their jobs. Further, require employees to use complex and unique passwords on all workplace devices and utilize multi-factor authentication capabilities whenever possible. These advanced authentication measures will make it increasingly difficult for cybercriminals to gain unauthorized access to and hijack corporate technology.
- Use appropriate security software. A variety of security software can be used to identify and prevent cyberattacks from jackware. Examples of this software include endpoint detection tools, antivirus software, and patch management services. Such software should be implemented on all workplace devices and updated as necessary to ensure effectiveness. It is also important to set up firewalls and VPN (Virtual Private Network) connections to promote network security and safe internet usage.
- Have a plan. Creating a cyber incident response plan can help ensure that necessary procedures are followed when cyber attacks occur, thereby keeping related damages to a minimum. This plan should be well documented, practiced regularly, and address a range of cyber attack scenarios (including jackware incidents).
- Ensure adequate coverage. It is important to purchase adequate insurance to protect against losses that may arise from jackware incidents. It is best to consult a trusted insurance professional to discuss specific coverage needs.
We can help.
Taken together, it is clear that jackware incidents are serious cyberthreats with the potential to result in large losses for affected businesses – even greater than those caused by ransomware incidents. Nevertheless, by better understanding this cyber attack method and taking steps to prevent such incidents, companies can reduce related damage and thus protect their technology, their business and the safety of others.
If you would like additional information and resources, we are here to help you analyze your needs and make the right coverage decisions to protect your business from unnecessary risk. You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance part of your insurance portfolio, Request a quote or download and get started with our Cyber & Data Breach Insurance Application then we’ll get started for you.