The story comes from Nicole Eagan, CEO of cybersecurity firm Darktrace, who told it at the WSJ CEO Council Conference in London.
At the time of the attack, the as-yet-anonymous North American casino had engaged Darktrace to secure and protect their infrastructure. The fish tank in question was a high-tech set up which featured Internet connectivity, allowing remote feeding and automatic adjustment of the temperature and salinity. While great for the fishes this Internet of Things (IoT) device was the weak link in the casino’s cybersecurity.
The attackers used the IoT thermometer, which was connected to the casino’s network, to gain a foothold in the network. Once inside they located the data, which they then pulled that back across the network, out the thermostat and up to the cloud. They managed to nab 10 gigabytes of data and send it to a device in Finland before the threat was detected and stopped.
Darktrace was able to successfully discover and halt this attack using their software, which scans for anomalous activity. The software flagged up the strange behaviour of the thermostat as it was the only device in the casino that sending data to a remote server in Finland.
Hackers Increasingly Attacking Unprotected IoT Devices
While the idea of hackers targeting a fish tank may seem laughable, it is this same system weakness that could leave enterprises, organisations and individuals to open to significant risk. This incident highlights the vulnerability of IoT devices, a security flaw we rarely consider when hooking them up to the network. IoT represents a significant technological shift and needs to be addressed appropriately.
As IoT devices become more commonplace within the home and the office, our exposure to potential cybercriminals rises. Attackers are discovering more ingenious ways to take advantage of this vulnerability. Thermostats, fridges, Alexa devices, coffee makers and children’s toys expand the attack surface and most of them are not covered by traditional cybersecurity as manufacturers tend to focus on usability rather than cybersafety.
According to research by Forescout 2.7 million firms in the UK are leaving the door open to attackers due to unsecured IoT devices as traditional perimeter defences are not applicable to them.
Director for Cyber Intelligence and Analysis at Darktrace, Justin Fier said: “In the current cyber climate with political and corporate espionage, I think you’re going to start to see attackers, whether nation-state or criminal, having to get more creative in their attack vectors.”