How the Internet of Things (IoT) became a dark web target – and what to do about it

The average cost of a successful attack on an IoT device exceeds $330,000.

The average cost of a successful attack on an IoT device exceeds $330,000. Image: Getty Images/iStockphoto

Antoinette Hodes
Office of the CTO, Check Point Software Technologies
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
This article is part of: Centre for Cybersecurity
  • The Internet of Things (IoT) is vulnerable to dark web cybercriminals looking to compromise network security.
  • Adversarial AI is an additional tool in the hacker armoury for exploiting IoT vulnerabilities.
  • A zero-tolerance approach across the entire IoT supply chain is needed.

The dark web has evolved into a clandestine marketplace where illicit activities flourish under the cloak of anonymity.

Due to its restricted accessibility, it exhibits a decentralized structure with less stringent enforcement of security controls, making it a common marketplace for malicious activities. The Internet of Things (IoT), with its devices' interconnected nature and vulnerabilities, has become an attractive target for cybercriminals operating out of the dark web. One weak link – i.e., a compromised IoT device – can compromise the entire network's security. The financial repercussions of a breached device can be vast, not just in terms of ransom demands but also in regulatory fines, loss of reputation and the cost of remediation.

Have you read?

With their interconnected nature and vulnerabilities, IoT devices are attractive entry points for cybercriminals. They are highly desirable targets since they often represent a single point of vulnerability that can impact numerous victims simultaneously.

Check Point Research found a sharp increase in cyberattacks targeting IoT devices, observing a trend across all regions and sectors. Europe experiences the highest number of incidents per week: on average, nearly 70 IoT attacks per organization.

The average number of IoT attacks per organization, broken down by region on a weekly basis.
The average number of IoT attacks per organization, broken down by region on a weekly basis. Image: Check Point Software Technologies

Gateways to the dark web

Based on research from PSAcertified, the average cost of a successful attack on an IoT device exceeds $330,000. Forrester's report reveals that 34% of enterprises that fell victim to a breach via IoT devices faced higher cumulative breach costs than cyberattacks on non-IoT devices, ranging between $5 million and $10 million.

By exploiting security vulnerabilities, malicious actors can gain unauthorized access to devices, networks, and sensitive data, enabling them to launch various attacks. Other examples are utilizing compromised IoT devices for botnet infections, turning them into zombies to participate in distributed denial-of-service (DDoS), ransomware and propagation attacks, as well as crypto-mining and exploitation of IoT devices as proxies for the dark web.

The different layers of the web.
The different layers of the web. Image: Check Point Software Technologies

The dark web relies on an arsenal of tools and associated services to facilitate illicit activities. Kaspersky research revealed a thriving underground economy operating within the dark web centred around services associated with IoT. In particular, there seems to be a huge demand for DDoS attacks orchestrated through IoT botnets: During the first half of 2023, Kaspersky identified over 700 advertisements for DDoS attack services across various dark web forums.

IoT devices have become valuable assets in this underworld marketplace; on the dark web, the value of a compromised device is often greater than the retail price of the device itself. Upon examining one of the numerous Telegram channels used for trading dark web products and services, one can come across scam pages, tutorials covering various malicious activities, harmful configuration files with "how-to's", SSH crackers, and more. Essentially, a complete assortment of tools, from hacking resources to anonymization services, can be found for the purpose of capitalizing on compromised devices. Furthermore, vast amounts of sensitive data are bought and sold.

AI’s dark capabilities

Adversarial machine learning can be used to attack, deceive and bypass machine learning systems. The combination of IoT and AI has propelled dark web-originated attacks to unprecedented levels, including:

  • Automated exploitation: AI algorithms automate the process of scanning for vulnerabilities and security flaws with subsequent exploitation methods. This opens doors to large-scale attacks with zero human interaction.
  • Adaptive attacks: With AI, attackers can now adjust their strategies in real-time by analyzing the responses and defences encountered during an attack. This ability to adapt poses a significant challenge for traditional security measures in effectively detecting and mitigating IoT hacks and attacks.
  • Behavioural analysis: AI-driven analytics enables the examination of IoT devices and user behaviour, allowing for the identification of patterns, anomalies, and vulnerabilities. Malicious actors can utilize this capability to profile IoT devices, exploit their weaknesses, and evade detection from security systems.
  • Adversarial attacks: Adversarial attacks can be used to trick AI models and IoT devices into making incorrect or unintended decisions, potentially leading to security breaches. These attacks aim to exploit weaknesses in the system's algorithms or vulnerabilities.

Zero-tolerance security

The convergence of IoT and AI brings numerous advantages, but it also presents fresh challenges. To enhance IoT security and device resilience and safeguard sensitive data, organizations must implement comprehensive security measures based on zero-tolerance principles across the entire IoT supply chain.

Factors such as data security, device security, secure communication, confidentiality, privacy, and other non-functional requirements like maintainability, reliability, usability and scalability highlight the critical need for security controls in IoT devices. These should encompass elements like secure communication, access controls, encryption, software patches, device hardening, etc. As part of the security process, the focus should be on industry standards such as "secure by design" and "secure by default", the average number of IoT attacks per organization, broken down by region every week.

Cybersecurity considerations in the IoT.
Cybersecurity considerations in the IoT. Image: Check Point Software Technologies

Collaborations and alliances within the industry are pivotal in developing standardized IoT security practices and establishing industry-wide security standards. By integrating dedicated IoT security, organizations can enhance their overall value proposition and ensure compliance with regulatory obligations.

In today's landscape, numerous regions demand adherence to stringent security standards, both during product sales and while responding to Request for Information and Request for Proposal solicitations. IoT manufacturers with robust, ideally on-device security capabilities can showcase a distinct advantage, setting them apart from their competitors. Furthermore, incorporating dedicated IoT security controls enables seamless, scalable and efficient operations, reducing the need for emergency software updates.


How is the Forum tackling global cybersecurity challenges?

IoT security plays a crucial role in enhancing the Overall Equipment Effectiveness (a measurement of manufacturing productivity, defined as availability x performance x quality), as well as facilitating early bug detection in IoT firmware before official release. Additionally, it demonstrates a solid commitment to prevention and security measures.

By prioritizing dedicated IoT security, we actively contribute to the establishment of secure and reliable IoT ecosystems, which serve to raise awareness, educate stakeholders, foster trust and cultivate long-term customer loyalty. Ultimately, they enhance credibility and reputation in the market. Ensuring IoT device security is essential in preventing IoT devices from falling into the hands of the dark web army.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Related topics:
CybersecurityFourth Industrial Revolution
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Paris Olympics 2024: Cybersecurity experts sound the alarm on cyber threats

Spencer Feingold

June 13, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum