Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday August 16 2017, @12:23PM   Printer-friendly
from the sounds-fishy-to-me dept.

In further proof that security's only as strong as the weakest link, an Internet-connected fish tank has been used to gain access to a casino's internal network. While exact details have not been published, it has been claimed that 10 GB of data were sent outside the network. As more things become Internet-connected, it's likely these stories will become even more common.

Hackers are constantly looking for new ways to access people's data. Most recently, the way was as simple as a fish tank.

The hackers attempted to acquire data from a North American casino by using an Internet-connected fish tank, according to a report released Thursday by cybersecurity firm Darktrace.

The fish tank had sensors connected to a PC that regulated the temperature, food and cleanliness of the tank.

"Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data," said Justin Fier, Darktrace's director of cyber intelligence.

The casino's name and the type of data stolen were not disclosed in the report for security reasons, Darktrace said. The report said 10 GB of data were sent out to a device in Finland.

"This one is the most entertaining and clever thinking by hackers I've seen," said Hemu Nigam, a former federal prosecutor for computer crimes and current chief executive of SSP Blue, a cybersecurity company.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by LoRdTAW on Wednesday August 16 2017, @02:16PM (6 children)

    by LoRdTAW (3755) on Wednesday August 16 2017, @02:16PM (#554717) Journal

    Question is, how did they get to the tanks computer in the first place? Unsecure wifi? uPnP fuckery via open ports? IoT server vulnerability? Really bad router config?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 4, Funny) by acid andy on Wednesday August 16 2017, @02:46PM (3 children)

    by acid andy (1683) on Wednesday August 16 2017, @02:46PM (#554730) Homepage Journal

    Well, first they worked out how to build an incredible machine that could shrink a human to many times less than their normal size. Then they built it and used it on themselves. Next, they purchased scuba diving equipment, which was quite a feat in itself, given their hugely diminished size. They had to shout to get the shopkeeper to notice them at the bottom of the counter. They threw the scuba gear into the shrinking machine, put it on and went to the casino. Then they climbed up a tiny ladder, made from matchsticks, and dived into the fish tank. They brought with them an Arduino with an ethernet connector, which they could only just about lift between them. They dug a hole in the dirt at the bottom of the fish tank, connected to the device and Bob was their mother's brother.

    --
    If a cat has kittens, does a rat have rittens, a bat bittens and a mat mittens?
    • (Score: 1) by TrentDavey on Wednesday August 16 2017, @03:24PM

      by TrentDavey (1526) on Wednesday August 16 2017, @03:24PM (#554745)

      ahh...
      I was wondering when I read:

      "Somebody got into the fish tank ... "

    • (Score: 2) by DeathMonkey on Wednesday August 16 2017, @05:25PM

      by DeathMonkey (1380) on Wednesday August 16 2017, @05:25PM (#554792) Journal

      Uh oh, looks like someone leaked the script to the new season of Mr. Robot.

    • (Score: 3, Informative) by PartTimeZombie on Wednesday August 16 2017, @10:29PM

      by PartTimeZombie (4827) on Wednesday August 16 2017, @10:29PM (#555002)

      Bob was their mother's brother.

      Robert is your Aunty's live-in lover.

  • (Score: 2) by Whoever on Wednesday August 16 2017, @02:59PM

    by Whoever (4524) on Wednesday August 16 2017, @02:59PM (#554736) Journal

    Perhaps the casino did not properly separate the network used for internal operations and a network providing WiFi to customers?

  • (Score: 2) by EvilSS on Wednesday August 16 2017, @03:01PM

    by EvilSS (1456) Subscriber Badge on Wednesday August 16 2017, @03:01PM (#554738)
    Wonder if this is like the Target incident, where they compromised an outside vendor and used their connection to the devices to hop to the casino network.