Attackers exfiltrated a casino’s high-roller list through a connected fish tank

Haythem Elmir
0 1
Read Time1 Minute, 41 Second

Attackers exfiltrated a casino’s high-roller list through a connected fish tank

Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that is company investigated that hack of an unnamed casino that was breached via a thermometer in a lobby fish tank.

Internet of things devices are enlarging our attack surface, smart devices are increasingly targeted by hackers in the wild.

The case we are going to discuss demonstrate it, Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that is company investigated that hack of an unnamed casino that was breached via a thermometer in a lobby aquarium.

“There’s a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC [air conditioning] systems, to people who bring in their Alexa devices into the offices. There’s just a lot of IoT. It expands the attack surface and most of this isn’t covered by traditional defenses.” Nicole Eagan, the CEO of cybersecurity company Darktrace, told the WSJ CEO Council in London on Thursday.

“The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud,” 

The hackers stole the casino’s high-roller database through a thermometer in the lobby fish tank.

fish tank

This isn’t the first a thermometer hack reported by experts at Darktrace, in July 2017 hackers attempted to exfiltrate data from a US casino by hacking into an Internet-connected fish tank.

A connected fish tank included sensors used to control the temperature, food distribution, and cleanliness of the tank.

“Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,” said Justin Fier, Darktrace’s director of cyber intelligence. 

At the time, hackers exfiltrated 10 GB of data that were sent out to a device in Finland.

To read the  original article:

https://securityaffairs.co/wordpress/71433/hacking/fish-tank-hack.html

 

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
100 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Laisser un commentaire

Next Post

Microsoft engineer charged with money laundering linked to Reveton ransomware

The Microsoft network engineer Raymond Uadiale (41)  is facing federal charges in Florida for the alleged involvement in Reveton Ransomware case. The man is suspected to have had a role in helping launder money obtained from victims of the Reventon ransomware. Uadiale currently works at Microsoft site in Seattle since 2014, […]