Ransomware operators have a new set of valuable targets to go after – superyachts owned by billionaires. According to experts, hackers can reportedly take complete control of vessels, infiltrate online accounts of those aboard and even steal photos.
Yachts have reportedly become a prime target for ransomware operators. The Guardian reported that the cyberthreat is all too real, with hackers having stolen over £100,000 from one unspecified yacht owner. There have also reportedly been instances where hackers have held yachts to ransom, demanding a payment to unlock a vessel's navigation system.
"People on yachts are what cybercriminals call high-value targets," said Malcolm Taylor, a former GCHQ officer who now heads up cybersecurity for the private security firm G3 told The Guardian. "They are wealthy, and money is what people want to steal or extort."
"Typically, ransomware infections occur by way of a drive-by; a crew member or guest is surfing web pages that may be dodgy to begin with, or some that are very popular," Darren Mayhead, CEO of Great Circle Systems, a firm that provides IT services to yachts, said. "You want to view something, but a message says you don't have the correct player or something similar. The pop-up message offers a link to download the player and the rest is history."
Given that superyachts play host to some of the world's richest and busiest people, most come equipped with strong Wi-Fi. However, a good Wi-Fi connection requires networks to be extended across a larger area, which in turn makes them vulnerable to hackers.
Campbell Murray, a cybercrime expert at Blackberry, was at the Superyacht Investor conference in London last week to demonstrate just how simple it is for hackers to hijack a vessel. "We had control of the satellite communications," The Guardian quoted Murray as saying. "We had control of the telephone system, the Wi-Fi, the navigation ... And we could wipe the data to erase any evidence of what we had done."
Murray also added that he had hijacked the yacht's CCTV so he could potentially have facilitated a physical attack as well. "We could let people onto the boat, and then wipe [the CCTV] so no one would know," he said.
According to a recent Verizon report, security experts said that ransomware attacks have soared by over 50% in the past year. Yet another report by Kaspersky revealed that nearly 75% ransomware strains in the wild were found to be developed by Russian-speaking cybercriminals. The numbers suggest that ransomware is continuing to surge in popularity among cybercriminals and that the Russian cybercrime community has substantially contributed to the propagation of this cyberthreat.