Cybercriminals are now discussing how to hack IoT devices: Trend Micro

by | Sep 24, 2019

AWS Outpost, Edge Computing, Artificial Intelligence, IoT, Intelligent Edge

Artificial Intelligence, IoT, Intelligent Edge

Trend Micro Inc. a global leader in cybersecurity solutions, today released new research detailing a fast-growing market for IoT attacks. Cybercriminals from around the world are actively discussing how to compromise connected devices, and how to leverage these devices for moneymaking schemes.

Trend Micro Research analyzed forums in the Russian, Portuguese, English, Arabic, and Spanish language-based underground markets to determine how cybercriminals are abusing and monetizing connected devices. The results reveal that the most advanced criminal markets are Russian- and Portuguese-speaking forums, in which financially driven attacks are most prominent. In these forums, cybercriminal activity is focused on selling access to compromised devices – mainly routers, webcams and printers – so they can be leveraged for attacks.

“We’ve lifted the lid on the IoT threat landscape to find that cybercriminals are well on their way to creating a thriving marketplace for certain IoT-based attacks and services,” said Steve Quane, executive vice president of network defense and hybrid cloud security for Trend Micro. “Criminals follow the money – always. The IoT market will continue to grow, especially with landscape changes like 5G. While IoT attacks are still in their infancy, we also found criminals discussing how to leverage industrial equipment for the same gain. Enterprises must be ready to protect their Industry 4.0 environments.”

According to Trend Micro’s findings, most conversations and active monetization schemes are focused on consumer devices. However, discussions on how to discover and compromise connected industrial machinery are also occurring, especially the vital programmable logic controllers (PLCs) used to control large-scale manufacturing equipment. The most likely business plan to monetize attacks against these industrial devices involves digital extortion attacks that threaten production downtime.

Additionally, the report predicts an increase in IoT attack toolkits targeting a broader range of consumer devices, such as virtual reality devices. The opportunities for attackers will also multiply as more devices are connected to the internet, driven by 5G implementations.

Trend Micro urges manufacturers to partner with IoT security experts to mitigate cyber-related risks from the design phase. End users and integrators should also gain visibility and control over connected devices to be aware of and curb their cyber risk.

The full report, The Internet of Things in the Criminal Underground, can be found here.

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles