Trend Micro released a report today detailing the increase in the monetization of IoT attacks.
The report found that forums across English, Spanish, Russian, Portuguese, and Arabic language markets are booming with chatter around how to compromise IoT devices and exploit them for profit.
Within the Russian and Portuguese markets, almost all attacks have been found to be financially driven and are the most criminally sophisticated. Participants in these forums are really focused on selling unauthorized access to compromised devices, usually routers, webcams, and printers, to leverage these devices for attacks.
Consumer IoT devices pose the biggest threat, but businesses are becoming increasingly more at risk as hackers look to compromise connected industrial machinery to launch digital extortion attacks.
Researchers at Trend Micro concluded the report with four predictions for the future that should leave everyone worried.
- The move from 4G to 5G will open more outlets for exploitation by hackers
- Attacks on Vr devices and cryptocurrency mining kits are going to see a huge increase
- Digital extortion attacks are also going to increase in frequency as programmable logic controllers (PLCs) and HMIs are increasingly more commonly found online
- Attacks on routers will soon evolve entirely as ISPs become more familiar with tactics that take advantage of DNS settings
This news comes on the heels of a survey recently released by Deloitte which found that less than a fifth of IT professionals are confident in their ability to secure IoT devices.
While the rapid adoption of these devices offers endless benefits, keeping these devices unsecured will only lead to a rise in cyberattacks, breaches, and business disruptions.
Without security in the forefront of product development, sufficient monitoring tools, and visibility into your IT environment, organizations will continue to be at risk of an attack. We suggest regularly scanning all devices connected to your network and identifying what they are, and also checking your environment regularly for anything new to determine how it operates, functions, and capabilities.