itb-au logo
Story image

IoT a hot topic in cybercriminal underbelly

Cybercriminals from around the world are actively discussing how to compromise connected devices, and how to leverage these devices for moneymaking schemes, according to new research from Trend Micro, which says the monetisation of IoT attacks is increasing.

The research analysed forums in the Russian, Portuguese, English, Arabic, and Spanish language-based underground markets to determine how cybercriminals are abusing and monetising connected devices. The results reveal that the most advanced criminal markets are Russian and Portuguese-speaking forums, in which financially driven attacks are most prominent. 

In these forums, cybercriminal activity is focused on selling access to compromised devices, mainly routers, webcams and printers, so they can be leveraged for attacks.

"We've lifted the lid on the IoT threat landscape to find that cybercriminals are well on their way to creating a thriving marketplace for certain IoT-based attacks and services," says Steve Quane, executive vice president of network defense and hybrid cloud security for Trend Micro. 

"Criminals follow the money -- always. The IoT market will continue to grow, especially with landscape changes like 5G. While IoT attacks are still in their infancy, we also found criminals discussing how to leverage industrial equipment for the same gain," he explains. 

"Enterprises must be ready to protect their Industry 4.0 environments."

According to Trend Micro's findings, most conversations and active monetisation schemes are focused on consumer devices. However, discussions on how to discover and compromise connected industrial machinery are also occurring, especially the vital programmable logic controllers (PLCs) used to control large-scale manufacturing equipment. 

The most likely business plan to monetise attacks against these industrial devices involves digital extortion attacks that threaten production downtime.

Additionally, the report predicts an increase in IoT attack toolkits targeting a broader range of consumer devices, such as virtual reality devices. The opportunities for attackers will also multiply as more devices are connected to the internet, driven by 5G implementations.

"Trend Micro urges manufacturers to partner with IoT security experts to mitigate cyber-related risks from the design phase," says Quane. 

"End users and integrators should also gain visibility and control over connected devices to be aware of and curb their cyber risk."

Link image
Windows & Linux server monitoring for just $9 a month
Monitor your entire server infrastructure and get in-depth visibility into key performance indicators of your data center's Windows & Linux servers.More
Download image
How to make authentication as painless as possible
Multi-factor authentication seems to be the standard in top-end security authentication systems. But even MFA has its drawbacks. Find out how RSA SecurID provides the best authentication out there. More
Story image
How data warehouses have become the new data lakes for business
While data lakes are great when it comes to storage, they don’t perform well when it comes to analysis and reporting. The vast volumes and multiple formats mean that traditional data warehouse tools are unsuitable and another approach needs to be found.More
Story image
Trustworthy and reliable: why making data privacy a priority leads to stronger customer relationships
Showing you’re scrupulous about how you collect, use and store customer information also has a positive impact on your customers’ experience with your brand and your bottom line.More
Story image
Survey reveals Australians' appetite for remote working
The survey quizzed 1,000 office-working Australians, as well as participants in France, Germany, Italy and the UK, and was completed between 23 and 26 March.More
Story image
Microsoft Teams announces commitment to privacy in wake of Zoom woes
Microsoft 365 corporate vice president Jared Spataro says the Teams platform already has strong security and privacy policies in place, and committed to upholding them throughout this era of uncertainty.More