One day, your thermostat will get hacked by some cybercriminal hundreds of miles away who will lock it with malware and demand a ransom to get it back to normal, leaving you literally in the cold until you pay up a few hundred dollars.
This has been a scenario that security experts
have touted as
one of the theoretical dangers of the rise of the Internet of Things, internet-connected devices
that are often insecure. On Saturday, what sounds like a Mr. Robot plot line came one step closer to being reality, when two white hat hackers showed off the first-ever
ransomware that works against a “smart” device, in this case a thermostat.
The ransomware message that Tierney and Munro were able to display on the vulnerable thermostat. (Image: Ken Munro)
Luckily, Andrew Tierney and Ken Munro, the two security researchers who created the ransomware, actually have no ill intention.
They just wanted to make a point: some Internet of Things devices fail to take simple security precautions, leaving users in danger.
“We don’t have any control over our devices, and don’t really know what they’re doing and how they’re doing it,” Tierney told Motherboard. “And if they start doing something you don’t understand, you don’t really have a way of dealing with it.”
