Forescout’s Vedere Labs has launched new research titled R4IoT (Ransomware for IoT), a proof-of-concept study demonstrating how next-generation ransomware can exploit IoT devices for initial access and lateral movement to IT and OT assets, with the intention to cause physical disruption to business operations.
The R4IoT study emerged from the observation of an increase in the number and diversity of IoT, IoMT, and OT devices connected to standard corporate IT networks and the ransomware attacks that were being attempted.
The rapid expansion in the number of connected devices in organizations exponentially increases the risk posture of nearly every business across the globe, all related to the growth of IoT devices in corporate networks, converging IT and OT networks, and the rise of supply-chain vulnerabilities.
Sharing his insights on the report, Daniel dos Santos, Head of Security Research for Forescout said, “R4IoT is the first work to analyze how ransomware impacts IoT for these domains and delivers a full proof-of-concept from initial access via IoT to lateral movement in the IT network, and the subsequent impact on the OT network. Threat actors are exploiting a broader threat surface than before, and we see hacking groups discussing IoT access on forums today. It has become imperative to arm organizations with knowledge to extend their proactive defenses and ensure IoT devices have adequate segmentation from their critical IT and OT infrastructure.”