It is a fact that the soaring number of internet-connected devices has made it easier for cyber-criminals to fulfill their malicious objectives without much ado. The weak security of these devices has helped bad guys greatly as data hacks have become so common and regular.
Phishing is a well-known term in the cyber-security community, and it has got nothing to do with fishing. However, we had no idea that even real-life fish tanks would prove to be equally dangerous as phishing scams. Reportedly, hackers found a way to use an Internet-connected fish tank to steal data from a North America based casino.
The data breach was notified by Darktrace, a security firm, which stated in its report that the fish tank was connected to the internet and hackers managed to bypass the security. Even though the Casino took up-to-date security measures, hackers successfully infiltrated the fish tank and stole data. The stolen data was sent to a device based in Finland. Eventually, the attack was identified and thwarted.
Darktrace’s cyber intelligence director Justin Fier told CNN that using the fish tank, someone got “into the network” and once the security was breached the hackers “scanned [the fish tank], found other vulnerabilities and moved laterally to other places in the network.”
The fish tank was linked with the internet to feed fishes automatically and maintain a comfortable environment inside the tank.
Darktrace has listed nine different kinds of threats that corporate networks need to stay alert from in its report published on Thursday. The threats were identified using threat detection technology. According to Fier, a former contractor for the US intelligence, the threats will be coming from rather unconventional mediums and devices. Fish tanks are just one of the many possible weak links in this regard.
“I think you’re going to start to see attackers, whether nation-state or criminal, having to get more creative in their attack vectors,” says Fier.