Ransomware could infiltrate medical devices, wearables

Medical devices and wearables will be the target of ransomware hackers in 2016, according to research from Forrester Research.

The report warns that attackers could banish doctors, or even patients, from the machines that are essential for life-saving tasks, and force them to pay a ransom if they wish to unlock the devices, making this the research firm's top cybersecurity concern for the next year.

Different strains of ransomware infect computers through a malicious email attachment or another subtle, disguised method of infiltration. It then encrypts all of a user's sensitive data, and hackers give victims a short time to pay a bitcoin ransom or risk deletion of their sensitive documents, according to the report. Ransomware is relatively easy to create, requiring only small modifications to malware. 

The report indicates that ransomware is set to move beyond Windows machines to the medical industry. Healthcare already is the most hacked sector due to the high value of medical records on the black market. Sophisticated ransomware can already elude cybersecurity professionals, and the FBI has even acknowledged that their agents advise victimized businesses to pay the ransom.

A 2013 Department of Homeland Security advisory warned that 300 medical devices made by 40 different manufacturers use hard-coded passwords—passwords set at the factory that cannot be changed by end users. The passwords are easily discoverable by downloading the manual from the manufacturer.