By Stephen Hilt, Vladimir Kropotov, Fernando Mercês, Mayra Rosario, and David Sancho
In our paper “The Internet of Things in the Cybercrime Underground,” we looked into IoT-related discussions from several cybercrime underground communities. We found discussions ranging from tutorials to actual monetization schemes for IoT-related attacks. Unsurprisingly, exposed devices and vulnerabilities were of great interest to the underground communities in their search for possible attack opportunities. For this entry, we provide an overview of what cybercriminals see as perfect openings for attacks on IoT technologies.
For our research, we identified five cybercrime underground communities based on the language used in the forums. Starting with the group with the greatest activity and most sophisticated discussions, these are Russian, Portuguese, English, Arabic, and Spanish.
The Russian underground holds the most dynamic discussions on IoT-related attacks. In this community, cybercriminals often post ads for services or information that they are willing to pay for — and one example of these are vulnerabilities. As seen in the image below, a cybercriminal is offering to pay for vulnerability discoveries in any IoT device.
Figure 1. A user asking for exploitable vulnerabilities in IoT devices
Monetization is the focus in this community and posts about less common devices show an exploration of new opportunities. For example, smart meters and gas pumps were also talked about, but only modified physical versions were being offered.
The second most active underground community that we found was the Portuguese. The highlight of our findings in this community included a discussion on a criminal service that takes advanta ..
Support the originator by clicking the read the rest link below.
