Jackware: Malware That Controls Machinesby@zacamos
580 reads
580 reads

Jackware: Malware That Controls Machines

by Zac AmosAugust 5th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Jackware is a special type of malware made especially for commandeering machines. The purpose of jackware is to remotely and hostilely take over “embedded” devices connected to the internet, including cars, robots, IoT gadgets and more. Detection and defense is difficult, often due to a "design gap" between the cybersecurity capabilities of equipment when it was made versus when it is used. Ultimately, strong preventative measures are the best defense.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Jackware: Malware That Controls Machines
Zac Amos HackerNoon profile picture

Imagine you are driving to the store when suddenly your car swerves off the road, completely out of your control. This is what can happen when jackware infects devices. Jackware is a special type of malware made especially for commandeering machines, whether a car, an IoT gadget, an assembly line robot or anything in between.

A device that is connected to the internet in any way can be hacked by jackware. Here’s an overview of what it is, signs of an infection and tips for defending against hacks.

What Is Jackware?

Jackware is a specific form of malware, but it isn’t designed to steal or destroy data. The purpose of jackware is to remotely and hostilely take over “embedded” devices connected to the internet. The most infamous example is the connected smart interfaces in many modern cars.

A team of researchers tested this tech on a Jeep in 2015, successfully taking over the brakes while driving at highway speeds. They simply hacked into the vehicle’s entertainment system, using a tactic they suggested would work on virtually any Chrysler car model.

Hackers that successfully develop a jackware program could potentially have a very large blast radius without needing to tweak the program.

The Dangers of Jackware

The general goal with jackware is to cause destruction, damage or harm by taking over a device against a user’s will. Going well beyond consumer cars, this can have serious real-world dangers.

For instance, a hacker could use jackware to take control of connected robots or machinery in a setting like a warehouse or manufacturing facility. This could seriously endanger employees’ safety.

Similarly, in medicine, a hacker could use jackware to make a medical imaging or testing device deliver incorrect results, leading to improper care for the patient and potentially threatening their health and safety. This also applies to personal medical devices like pacemakers and insulin pumps.

In fact, it is even possible for jackware to take over trains and other large vehicles. Most heavy transport equipment’s operational technology was simply not designed for cyber resilience, so it can be highly vulnerable to jackware. An attack on something like a public transit train could lead to a major accident, seriously harming those on board.

How to Detect Jackware on Devices

Is there any way for jackware to be detected once it has infected a device? Unfortunately, it’s not easy. Jackware is difficult to find since the infected items often don’t offer users an easy look into system files or code, where signs of malware might be visible. For instance, few people know how to get into the firmware of their car’s entertainment system.

However, there are ways to detect malware in general. For example, some tech experts have suggested using blockchain technology to secure devices against it. Blockchain creates unique identifiers for data, which can’t be faked or copied. Malware couldn’t hide undercover in a system running on the blockchain.

Additionally, blockchains are great for securely sharing information. The signature of a specific program could be added to a public blockchain people use to detect malware on their devices.

Effective anti-malware software may be useful, as well. Jackware is a type of malware, after all. Programs developed for devices like warehouse robots or cars could be run regularly to check for and remove any malicious programs.

There are often signs users can look out for without using specific programs indicating the presence of malware. For instance, infected PCs often run much slower.

The same could be true for some devices infected with jackware. Maybe a robot gets lost on one of its automated routes, or a car’s interface takes a long time to sync to the driver’s favorite playlist. Any unexplained performance issue could potentially be a sign of jackware.

How to Defend Against Jackware

All this begs the question: Is there anything users and organizations can do to prevent jackware from getting into their devices to begin with? The short answer is yes. However, much of this will have to happen on the device developer’s end.

The problem that cars, trains and medical devices face is a design gap. These machines are often simply not created with cybersecurity at the forefront. Even if they are, they can sometimes take so long to develop that the included security programs are already out of date when they go into use. This is why malware over a decade old can still work in some hospitals. The operating systems in these facilities are frequently outdated, making it easy for attackers to score an easy win.

Perhaps the first step toward preventing jackware infections is to keep operating systems and cybersecurity measures like antivirus software up to date. An effective anti-malware program can go a long way. Device developers need to start building them into their devices, though. As of 2022, there are no after-market options for antivirus software for devices like cars.

The items targeted by jackware are often isolated, making them essentially defenseless. Even if a user knows their gadget may be at risk, there aren’t any extra defenses they can add to it. It falls on developers to take jackware seriously and prioritize it in the design and operating systems of vulnerable vehicles, medical equipment and IoT devices.

There are still some steps users can take to keep their devices safe, though. For instance, network segmentation is a great way to minimize how much connected devices are exposed to the wider internet. For example, everyday browsing on phones and laptops should happen on a separate network from the one that operates a warehouse’s IoT robots.

Strong passwords on all devices, networks and accounts are also a must. Even if jackware gets into something, strong authentication measures will help prevent it from successfully taking control.

Protecting Devices From Jackware

Jackware can be an especially dangerous form of malware. It is difficult to detect and defend against. Developers need to take concrete steps to prioritize modern cybersecurity measures for items at a high risk of attempted attacks.

Dedicated anti-malware software designed for these unique devices and modern operating systems to support them could help protect them from jackware. Users can also implement network segmentation and strong authentication measures on all their devices and accounts.