Cybercriminals are actively discussing how to compromise connected or Internet of Things (IoT) devices and how to leverage these devices for money-making schemes, a new report by cyber security firm Trend Micro said on Monday.
Trend Micro Research analysed forums in the Russian, Portuguese, English, Arabic, and Spanish language-based underground markets to determine how cybercriminals are abusing and monetising connected devices.
“We’ve lifted the lid on the IoT threat landscape to find that cybercriminals are well on their way to creating a thriving marketplace for certain IoT-based attacks and services,” Steve Quane, Executive Vice President of Network Defense and Hybrid Cloud Security, Trend Micro, said in a statement.
The results reveal that the most advanced criminal markets are Russian and Portuguese-speaking forums, in which financially driven attacks are most prominent.
In these forums, cybercriminal activity is focused on selling access to compromised devices — mainly routers, webcams and printers — so they can be leveraged for attacks.
“Criminals follow the money — always. The IoT market will continue to grow, especially with landscape changes like 5G. While IoT attacks are still in their infancy, we also found criminals discussing how to leverage industrial equipment for the same gain. Enterprises must be ready to protect their Industry 4.0 environments,” Quane informed.
The report predicts an increase in IoT attack toolkits, targeting a broader range of consumer devices, such as virtual reality (VR) devices.
The opportunities for attackers will also multiply as more devices are connected to the Internet, driven by 5G implementations.
The firm urges manufacturers to partner with IoT security experts to mitigate cyber-related risks from the design phase.