IoT Vulnerabilities: Low Hanging Fruit for Cybercriminals

The potential attack surface for cybercriminals is expanding alongside the growing adoption of IoT devices in homes, businesses and industries. The interconnected nature of these devices presents an enticing target for malicious actors looking to launch cybersecurity attacks across multiple access points. During 1H23, Kaspersky identified over 700 advertisements for sophisticated DDoS attack services on dark web forums, underscoring the growing interest in compromising vulnerable IoT devices. 

Cybercriminals are drawn to IoT devices due to their cost-effective design, often prioritizing convenience over robust security features which could protect them against a vast number of cyberthreats. IoT software vulnerabilities are also easily identifiable by cybercriminals, which allow them to extort users after gaining access to their sensitive and confidential information. This low hanging fruit has engendered a hacking services market targeting IoT devices in the dark web, which can cost between US$20 per day to US$10,000 per month, as reported by Kaspersky.

"The IoT world is filled with cyberdangers, including DDoS attacks, ransomware and security issues in both smart home and industrial devices. Kaspersky's report stresses the need for a responsible approach to IoT security, pushing vendors to enhance product security from the get-go and proactively protect users,” says Yaroslav Shmelev, Security Expert Consultant, Kaspersky. 

Converging interests among cybercriminals have driven them to design sophisticated solutions that effectively obstruct malware carried out by another hacker. Nevertheless, the most common method for compromising IoT devices continues to be brute-force attacks on weak passwords and software vulnerabilities. IoT devices are also susceptible to physical tampering, providing cybercriminals with opportunities to introduce malicious malware into a users’ network. 

The most detrimental cybersecurity threats targeting IoT devices primarily involve malware attacks, according to Kaspersky’s report. These include Distributed Denial of Service (DDoS) attacks, which are used to overwhelm servers and disrupt online services, as well as ransomware attacks that demand payment for decrypting the users’ compromised data. Domain Name System Changers maliciously alter DNS settings, redirecting traffic to cybercriminal-controlled servers. More recently, some hackers are attempting to harness IoT devices for cryptocurrency mining despite their low processing power. 

To effectively safeguard both personal and industrial IoT devices, Kaspersky recommends regular cybersecurity assessments to identify and rectify potential vulnerabilities. Moreover, they advise companies to implement ICS network traffic monitoring and detection solutions to protect critical enterprise assets from cyberattacks. Additionally, conducting a thorough cybersecurity assessment of devices before deploying them can help mitigate future security risks. To promote this market practice, “preference should be given to devices that have cybersecurity certificates and products from those manufacturers that pay more attention to information security,” reads the report. 

Overall, cybercriminals targeting IoT devices pose a significant threat, particularly in Mexico, where 92 million people regularly connect to the internet. Furthermore, as Mexican companies increasingly migrate their operations to the cloud, over 90% of them have adopted digital solutions for network connectivity and communication, further increasing their exposure to cyberattacks through vulnerable devices.