It seems like the “Internet of Things” (IoT) has been starting to become a venue for illegal access of corporate systems as a casino got hacked after its high-roller database was acquired through a thermometer placed in a fish tank.
According to a report by Business Insider UK, Nicole Eagan, the CEO of Darktrace which is a cybersecurity company said that they once worked on a case where a casino got hacked through a thermometer in an aquarium placed in the lobby.
She said: “The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud.”
Eagan added that these IoT devices broadens the attack surface which is mostly not covered by traditional defenses.
“There’s a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC [air conditioning] systems, to people who bring in their Alexa devices into the offices. There’s just a lot of IoT. It expands the attack surface and most of this isn’t covered by traditional defenses,” she added.
Former Director of British government’s digital spying agency GCHQ then said that there is a need to regulation for safety standards of such because “these devices still work”.
(Photo source: aquaristclub.co.uk/ tripwire.com)