The growing adoption of IOT in homes, offices, smart cities has resulted in a lot of unwanted attention too. It seems to be the hottest subject on underground forums right now as cybercrimimals from around the world are putting their heads together looking for new ways to compromise them.
According to the latest Trend Micro report, "The Internet of Things in the Criminal Underground" forums in Russian and Portuguese are the most active when it comes to selling access to compromised devices such as routers, webcams and printers, so they can be used for IOT attacks.
Compromised IOT devices can be used to create an army of botnets for DDoS (distributed denial-of-services attack) attacks. A classic case of it was the October 2016 attack on DNS (domain name systems) service provider DYN in Europe and North America. Cybercrimimals used thousands of breached IP cameras, baby monitors and printers to carry out a series of DDoS attacks taking down major websites including Twitter, The Guardian, Netflix, Reddit, and CNN.
Researchers at trend Micro examined forums and underground markets in multiple languages including Russian, Portuguese, English, Arabic, and Spanish language-based underground markets to find out how cybercriminals were exploiting and monetising IOT devices.
“We’ve lifted the lid on the IoT threat landscape to find that cybercriminals are well on their way to creating a thriving marketplace for certain IoT-based attacks and services. While IOT attacks are still in their infancy, we also found criminals discussing how to leverage industrial equipment for the same gain. Enterprises must be ready to protect their Industry 4.0 environments," warned Steve Quane, executive VP of network defense and hybrid cloud security for Trend Micro said in a press statement.
As Quane pointed out, most conversations and schemes to monetise the attacks revolve around consumer devices. However, there were some discussions on exploiting connected industrial machinery, such as the PLCs (programmable logic controllers) which are widely used to control large-scale manufacturing equipment and using them to extort money from enterprises by threatening to block or slow down production.
The report also warns that attackers are looking to widen the attack surface and will go after VR (virtual reality) devices too. With the arrival of 5G, attacks on IOT devices are likely to grow big time.