The CEO of Darktrace said that Hackers have been targeting unprotected IoT devices to gain access to corporate networks. An incident has taken place in a casino where the hackers managed to steal the database of high rolling customers by taking advantage of a vulnerable fish tank thermometer in the network!.
The CEO of Darktrace said:
“The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud,” she said.
The fish tank had the sensors connected to a Personal Computer that regulated the temperature, food and cleaninees of the tank.The report from the Darktrace said that 10GB of data was transferred to Finland.
“Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,” said Justin Fier, Darktrace’s director of cyber intelligence.
“This one is the most entertaining and clever thinking by hackers I’ve seen,” said Hemu Nigam, a former federal prosecutor for computer crimes and current chief executive of SSP Blue, a cybersecurity company.
As more and more IoT products are released into the market opportunities for hackers to access data through unusual ways has risen. An Internet-connected toy can learn the name, location and other personal information of your child easily, The FBI believe that IoT devices must be regulated.
“Everything has to go through FTC approval, I’d be curious to see if that happens on the cyber front,” he said. “That you have to do the bare minimum to protect these products. But that’s just for the U.S. How do you do this globally?”
The customers should educate themselves of about IoT Products and take advantage of the security updates provided by the manufacturers by updating their software with latest security patches.
Take your time to comment on this article.
Latest posts by Harikrishna Mekala (see all)
- Tor users will not get Captcha Challenges anymore on Cloudflare protected websites - September 21, 2018
- Adobe Addresses a Number of Critical Remote Execution Vulnerabilities - September 21, 2018
- Authentication Bypass Vulnerability Disclosed in Western Digital My Cloud NAS Devices - September 21, 2018