Cybercriminals New Playground: The Dark Side of IoT Devices

The Internet of Things (IoT) has brought significant benefits to our daily lives, making it easier to monitor and control various aspects of our homes, workplaces, and even our bodies. However, the proliferation of these connected devices has also created new security risks that have opened up a dark side of the IoT. Cybercriminals have been quick to take advantage of these vulnerabilities, turning IoT devices into a new threat vector for their nefarious activities.

The Dark Side of IoT Devices

IoT devices are designed to be easy to use and accessible to anyone, but this also means they often lack the security features found in more traditional computing devices. Many IoT devices are built on cheap, low-power hardware with limited processing power and memory, making them vulnerable to attacks that can take advantage of their weak security protocols. Additionally, many IoT devices are configured to automatically connect to the internet without the user’s knowledge or consent, making them even more susceptible to attacks.

One of the biggest concerns with IoT devices is that they can be used as entry points into larger networks, allowing cybercriminals to gain access to sensitive information or control systems remotely. For example, an attacker could use a compromised IoT device to gain access to a home’s Wi-Fi network, allowing them to steal personal information or launch further attacks against other devices on the network. Similarly, a compromised IoT device in a workplace could provide a backdoor into the company’s network, allowing attackers to steal sensitive data or launch ransomware attacks.

Another issue with IoT devices is that they are often designed to collect and transmit large amounts of personal data, including sensitive information such as biometric data, location data, and even audio and video recordings. This data can be intercepted and used for identity theft, blackmail, or other malicious activities. Additionally, IoT devices that are not properly secured can be remotely controlled by attackers to spy on users or even physically harm them.

What can users do to protect themselves?

While IoT devices pose significant risks, there are steps that users can take to protect themselves from these threats. Here are some measures that users can take to secure their IoT devices:

Change default passwords - Most IoT devices come with default passwords that are easy to guess. Users should change these passwords to strong, unique passwords that are not easily guessable.

Update firmware regularly - IoT devices often receive firmware updates that address security vulnerabilities. Users should regularly check for and install these updates to ensure their devices are secure.

Disable unnecessary features - IoT devices often come with features that users don’t need or use, such as remote access or data collection. Users should disable these features to reduce the attack surface of their devices.

Use a separate network - Users can set up a separate network for their IoT devices, separate from their main network. This can limit the potential damage in case of a breach.

Use a VPN - Users can use a VPN (Virtual Private Network) to encrypt their internet traffic and protect their devices from attacks.


The dark side of IoT devices is a significant threat that should not be underestimated. As more and more devices become connected to the internet, the potential for attacks will only increase. However, with the right security measures in place, users can protect themselves from these threats and enjoy the benefits of IoT devices without compromising their security and privacy.


I actually think the most dangerous thing about devices not only connected to the home-intern network but also to the IoT (and World Wide Web) is that they can be “spyed” on without being noticed by the one using them. For example you have a regulator for your heating system within your house. It controls how much water will be boiled to e.g. take a bath or wash hands. Now, imagine a hacker would get useful data and other interesting things about your daily behavior.
For example:

  • You are taking a bath everyday at 6 p.m.
  • You are not living by yourself (noticeable by the amount of boiled water).
  • The number of rooms to be heated.
  • You exercise every day at 4 p.m.

Scary, isn’t it? And the point is, it doesn’t stop there (without being noticed). There are other devices connected which can be used to gather information and important data (e.g. when you get home, etc.).



I think my favorite example of this is when a casino was hacked several years ago. I don’t remember many details and I don’t think much was actually released publicly. However, I do recall the network entry point. It was an automatic fish tank feeder installed in an aquarium on the premises.


That’s quite an Idea to get access through an automatic fish tank feeder. That certainly made my day.
If I recall correctly, you are referring to a hack of a casino back in 2017:

“The hackers attempted to acquire data from a North American casino by using an Internet-connected fish tank, according to a report released Thursday by cybersecurity firm Darktrace.” - Washington Post

To read further:


1 Like

@AlexKubu Nice try son, nice way to sneak a Ad in too.