Hackers Stole a Casino's High-Roller Database Through a Thermometer in the Lobby Fish Tank (businessinsider.com)
From a report: Nicole Eagan, the CEO of cybersecurity company Darktrace, told the WSJ CEO Council in London on Thursday: "There's a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC [air conditioning] systems, to people who bring in their Alexa devices into the offices. There's just a lot of IoT. It expands the attack surface and most of this isn't covered by traditional defenses."
Eagan gave one memorable anecdote about a case Darktrace worked on where an unnamed casino was hacked via a thermometer in a lobby aquarium. "The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud," she said.
Eagan gave one memorable anecdote about a case Darktrace worked on where an unnamed casino was hacked via a thermometer in a lobby aquarium. "The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud," she said.
IoT turned DEFCON into a party again. It was all getting kind of boring, with finding exploits in the major OSes being more time-consuming, but now suddenly there are so many device exploits that people are giving them away free. A lot of times it's as simple as
echo "admin\n admin\n" | telnet device_ip
I thought we were done with the days of telnet exploits but it's a gift that keeps giving.
"First they came for the slanderers and i said nothing."