Ransomware Attack as Hardware Trojan: A Feasibility and Demonstration Study

The integrated circuit (IC) ecosystem, today, is widely distributed. Usually, a handful of companies is involved in the development of a single chip – an environment that presents many opportunities for malicious activities such as the insertion of hardware trojan horses. This work presents a specialized form of a hardware trojan that is able to mount a hardware-based ransomware attack, an attack that previously only existed in the software domain. This attack is therefore termed a hardware ransomware and is the main contribution of this work. As case studies, two architectures of the hardware ransomware are presented, along with a silicon demonstration in 65nm CMOS. In order to discuss the detectability of the malicious logic, the hardware ransomware is inserted in a complex system on chip (SoC). The experimental results show how an adversary can effortlessly insert the ransomware logic: the baseline SoC has a representative area utilization factor of 59.97% and, after the trojan is inserted, the area utilization factor increases by 0.73% to 60.70%. The inserted logic is also responsible for an increase of approximately 2% in static power – well within process variation margins. Finally, this paper discusses the implications of such an attack at length, showing that from the implementation and technological side, there are no barriers for an adversary to devise a hardware ransomware.