Casino Breached Via Fish Tank

Monday, July 24, 2017 @ 05:07 PM gHale

Phishing brought on a whole new meaning at a casino, researchers said.

That is because a casino in the United States ended up compromised after hackers broke into its network and stole data after first breaking into a “smart” fish tank connected to the Internet.

Summit: Security Needs Hands on Training
Ransomware Attack Part II
Monitoring Network Could Help Find Attack
Grid Attack: Understand ‘What We Will See Tomorrow’

The connected fish tank exposed the casino to hackers, as an unnamed group of attackers managed to infiltrate into the network and upload data on a server in Finland, according to a report from network security provider, Darktrace.

The breach was eventually discovered, and the flaw fixed.

“Someone used the fish tank to get into the network, and once they were in the fish tank, they scanned and found other vulnerabilities and moved laterally to other places in the network,” said Justin Fier, director of cyber intelligence and analysis at Darktrace in a published report.

Once inside a network, hackers can start scanning for other security flaws in connected computers, and this exposes a company to other risks.

The fish tank was connected to the Internet to automatically feed the fish and keep their environment comfortable — but it became a weak link in the casino’s security.

The Casino used Darktrace’s threat detection technology that sits on a company’s network and monitors the activity taking place.

When the technology notices an anomaly — like a device that doesn’t belong or data being sent somewhere it shouldn’t — it alerts the company’s security team.

Leave a Reply

You must be logged in to post a comment.