A casino that was hacked in an unorthodox manner has brought to light the numerous risks that are associated with living in a society in which electronic gadgets are able to communicate with one another. These risks are being brought to light by the amazing world of technology and the Internet of Things (IoT).
A clever and enterprising hacker was able to gain access to a so-called “smart fish tank” that was installed at an unnamed casino (for obvious reasons related to security). After gaining access, the hacker sent at least 10 gigabytes of data to an anonymous web destination that was registered in Finland.
The high-tech fish tank, in addition to serving as an aesthetically appealing element in the lobby of a casino, is capable of monitoring things such as the temperature and salinity of the water in the tank, and it also provides an automatic feeding system for the fish that live in the tank. The fact that the smart tank had been connected to the casino’s own internal database, however, was the source of the problem. This was obviously how the competent hacker eventually acquired access to more information than just the routine for feeding the fish each day.
Covered Up By What Is Visible
According to a security report that was created by cyber-experts from Darktrace, the smart tank would occasionally speak with other connected devices that were functioning around the casino. This type of communication would not have been out of the norm in terms of interconnectivity because the casino would have been filled with connected gadgets. It wasn’t until cybersecurity experts realized that the tank had been sending an unusually big volume of data that it was eventually determined that some kind of foul activity had been taking place. Nevertheless, by this point in time, obviously, the data had already been transferred to the external site.
massive quantities of critical information pertaining to VIP players had been sent out of the tank unnoticed up to that point in time by the tank, which had been exporting the information in massive amounts. It was common knowledge that the security protocols of the casino had been successfully subverted.
When a Tank Is Something Other Than Just a Tank
According to recent statements made by cybersecurity professionals, the attack is particularly significant due to its extreme stealthiness.
The attack was able to elude detection by the casino’s usual in-house cybersecurity tools and protections due to the creative manner in which the system had been hacked. This particular breach had been an example of not being able to identify what isn’t known to be there because typical security protections can only detect “known causes.”
Nicole Egan, CEO of Darktrace, believes that the primary source of the issue is a never-ending attack surface that is produced by a variety of devices that are now routinely part of the IoT landscape. Because everything from air conditioning systems to refrigeration equipment and baby monitors may now speak with one another thanks to the interconnectedness enabled by the internet of things (IoT), the possibilities for a breach are also unlimited.
And with that, we can now officially include the lowly fish tank in that list of options.