Beware, hackers will soon target your fitness tracker and Smart TV with ransomware

Consumer devices including fitness trackers, smartwatches and televisions will soon become a key target of ransomware, a notorious strain of malware which traditionally infects computers and networks until a financial payment is sent directly to the hacker.

As the number of internet-connected devices grows, so does the potential that a cybercriminal will find and exploit vulnerabilities with them, according to UK security services including the National Crime Agency (NCA), which is often branded the British equivalent of the FBI.

"Connected consumer devices will contain huge amounts of personal data, which could be targeted by criminals seeking to commit extortion or fraud using tailored malware," stated an annual threat report, published to the web on 14 March.

It added: "This data may not be inherently valuable, and might not be sold on criminal forums but the device and data will be sufficiently valuable to the victim that they will be willing to pay for it.

"Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom."

The report did not name specific brands it believes to be at risk, or technical evidence to back up its assertions, instead the warning seemed to be broader in scope.

The findings were published as part of yearly security assessment authored in collaboration with a fork of the UK signals intelligence agency, the Government Communications Headquarters (GCHQ), the NCA and a selection of key industry partners.

While it noted the likelihood such attacks will soon spike, the report also said smart-devices are "still inherently more difficult to attack than computers." Many attacks, it stressed, may still be result of third-party downloads – still one of the most effective routes to infection.

Recently, whistleblowing website WikiLeaks released documents from inside the US Central Intelligence Agency (CIA) which indicated that state-backed spies are now targeting smart-TV's and smartphone operating systems for surveillance purposes.

Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC), a new agency linked to GCHQ, said cybercrime will "continue to evolve". He noted: "[We need] ground-breaking innovation to reduce the cyber threat to critical services and deter would-be attackers."

On 12 March, The Sunday Times reported that UK security services have offered to collaborate with political parties to help fend off online attackers. This came after an unprecedented cyber-influence campaign during the 2016 presidential election, widely believed to be the work of Russia.

"This is not just about the network security of political parties' own systems," he warned. "Attacks against our democratic processes go beyond this and can include attacks on parliament, constituency offices, think tanks and pressure groups and individuals' email accounts."