Jackware raises eyebrows in cybersec community


There is a new big concern in the cybersecurity world having to do with a different take on ransomware operations.


As we reported in past months, the practice of ransomware – holding data or files for ransom – has proliferated greatly over the past few years, with criminals even selling “ransomware as a service” kits to other bad actors.


Today, we get a report from cybersecurity executive Jason Glassberg talking about the potential for a whole new kind of threat.


Glassberg, who also previously worked at Ernst & Young and Lehman Brothers, is suggesting that something called “jackware” has the potential to disrupt business and even jeopardize lives by compromising physical machines through the use of embedded devices.


Essentially, unlike ransomware, which just steals data, jackware would hijack a machine on the ground, and control whatever that machine is doing, injecting chaos into any automated system.


Glassberg, as quoted by major news media, suggests that jackware may be “10 times more dangerous” than traditional ransomware, which has already caused disruptions for private and public operations – (note this month’s attacks on Colonial Pipeline and the JBS meatpacking plant).


To understand how dangerous jackware can be, imagine the ECU in a car being hijacked and going haywire, which would make Toyotas automatic acceleration problem circa 2014 look like child’s play.


To show that jackware is not just scareware, experts are talking more specifically about how it would be used to compromise medical machines such as an MRI.


“We’ve heard about potentially lethal attacks on medical devices like insulin pumps and pacemakers, which got the feds pressed into protecting wireless medical devices from hackers; a couple years later, DHS started investigating 24 potentially deadly cyber flaws in medical devices,” writes Darlene Storm, in a piece that addresses things like backdoors in hospital networks, and the ramifications for American healthcare. “Now there’s more bad news on the medical device scene as vulnerabilities in drug infusion pumps could be remotely exploited by an attacker who could up the dose into a fatal dose.”


Since many of these attacks can be caused by individuals surfing malicious web sites, tightening up user controls helps: beyond that, firms can get help from the same cybersec experts who have figured out how to gird systems against ransomware. Still, if the analysts are right, we could be in for hard and uncertain times when jackware operators really get started.