The world of Internet of Things is notorious for the security risks it introduces on the network. Even if communication with the wide web is protected, programming flaws or misconfiguration could still let an attacker in. Such was the case with a smart fish tank, used by a hacker to gain a foothold in a company network and exfiltrate company information.
The aquarium in a casino in North America was equipped with various sensors that made maintenance easier. Temperature control, salinity level and feeding schedule were fully automated. The casino took precautions and restricted communications from the fish tank to a device outside the network to a secure line. This, however, did not stop a hacker from compromising the smart thing and moving to other locations on the company network, according to a report from CNN.
It is unclear what type of information was exfiltrated from the casino’s computers, but an investigation revealed that 10GB of data passed to an IP address in Finland. If this was the final destination for the stolen packets or if it was used as a proxy to cover the real IP address of the hacker are questions for law enforcement.
Exposure of accounts of connected things on the wide web are very common. From cameras, routers and printers to smart thermostats and home appliances, the security industry has seen most any type of IoT device accessible directly from the internet. Even more sensitive gear, like the satellite internet equipment on ships, has been found recently to be facing the wide web, protected with the default credentials from the manufacturer.
The case of the smart fish tank shows that attackers search high and low for insecure or poorly protected web services (e.g. remote desktop, SSH), or vulnerabilities, to move laterally inside the network in the search for important data. More compromise reports showing an IoT device as the point of entry are certain to follow.
Credit: seebo.com
tags
November 14, 2024
September 06, 2024