Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Hackers Stole a Casino’s Database of High-rollers Via A Fish Tank Thermometer

May 22, 2018

The Internet of Things (IoT) will no doubt provide improbable and comic headlines like the one above for many years. Thanks to RTL reader Amelia Porges for pointing me to this story on Business Insider.

Nicole Eagan, the CEO of Darktrace, told the Wall Street Journal CEO Council Conference in London recently: "There's a lot of Internet-of-things devices, everything from thermostats, refrigeration systems, HVAC systems, to people who bring in their Alexa devices into the offices. There's just a lot of IoT. It expands the attack surface, and most of this isn't covered by traditional defenses."

Eagan gave one memorable anecdote about a case Darktrace worked on in which a casino was hacked via a thermometer in an aquarium in the lobby. "The attackers used that to get a foothold in the network," she said. "They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud."

Ah, the dangers of fish aquarium thermometers . . .

Robert Hannigan, who ran the British government's digital-spying agency, Government Communications Headquarters, from 2014 to 2017, appeared with Eagan on the panel and agreed that hackers' targeting of internet-of-things devices is an escalating issue.

"With the internet of things producing thousands of new devices shoved onto the internet over the next few years, that's going to be an increasing problem," Hannigan said. "I saw a bank that had been hacked through its CCTV cameras, because these devices are bought purely on cost."

He called for regulation to mandate safety standards. "It's probably one area where there'll likely need to be regulation for minimum security standards, because the market isn't going to correct itself," he said. "The problem is these devices still work — the fish tank or the CCTV camera still work."

He's quite right, but I'm not sure I see regulations coming anytime soon. We want all these sleek new devices, at a low price and utterly convenient to use – security isn't a consideration until something major happens. In the current government atmosphere of abandoning regulations at warp speed, new regulations do not seem likely, however warranted they may be.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson