Hacking the Fish Tank

DarkTrace never ceases to amaze.

Check this report :: https://www.darktrace.com/resources/wp-global-threat-report-2017.pdf

Read #6:

Technological innovations keep businesses dynamic and profitable, their employees productive and creative, and their premises exciting and modern. A North American casino recently installed a high-tech fish tank as a new attraction, with advanced sensors that automatically regulate temperature, salinity, and feeding schedules.

To ensure these communications remained separate from the commercial network, the casino configured the tank to use an individual VPN to isolate the tank’s data. However, as soon as Darktrace was installed, it identified anomalous data transfers from the fish tank to a rare external destination.

Anomalous activity detected:

  • Transfer of 10GB outside the network
  • No other company device had communicated with this external location
  • No other company device was sending a comparable amount of outbound data
  • Communications took place on a protocol normally associated with audio and video

The tank’s communication patterns included sporadic communications with company devices, but that activity was in line with similarly configured IoT devices. The external data transfers, however, were deemed highly unusual by Darktrace’s AI algorithms.

The data was being transferred to a device in Finland where an attacker had managed to gain control over the tank. This was a clear case of data exfiltration, but far more subtle than typical attempts at data theft.

By targeting an unconventional device that had recently been introduced into the network, the attack managed to evade the casino’s traditional security tools. Darktrace’s Enterprise Immune System detected the threat because the technology does not make assumptions about where threats will arise. It detected a subtle anomaly that indicated a much larger threat, and it aided the casino in remediating the vulnerability. The incident demonstrates the need to have complete visibility of every user and device – including internet-connected fish tanks.
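
The signals in the "Anomalous activity detected" list can be approximated with simple peer comparison over flow summaries. The sketch below is an added example, not code from the report or from Darktrace, and it uses fixed thresholds rather than any learned model; the flow records, device names, protocol set and threshold are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed flow summaries: (device, destination, external?, protocol, bytes_out)
FLOWS = [
    ("pos-01",   "198.51.100.10", True,  "https", 40_000_000),
    ("pos-02",   "198.51.100.10", True,  "https", 35_000_000),
    ("hvac-01",  "198.51.100.20", True,  "https", 5_000_000),
    ("hvac-02",  "198.51.100.20", True,  "https", 6_000_000),
    ("cam-01",   "10.0.0.9",      False, "rtp",   900_000_000),
    ("fishtank", "10.0.0.5",      False, "mqtt",  1_000_000),
    ("fishtank", "203.0.113.77",  True,  "rtp",   10_000_000_000),
]
MEDIA_PROTOCOLS = {"rtp", "rtsp", "rtmp"}  # assumed "audio and video" protocols
VOLUME_FACTOR = 20                         # assumed multiple of the peer median


def find_anomalies(flows):
    """Flag external flows that match at least two of the listed signals."""
    devices_per_dest = defaultdict(set)  # which devices talk to each destination
    ext_bytes = defaultdict(int)         # total outbound bytes per device
    for dev, dst, external, _proto, nbytes in flows:
        if external:
            devices_per_dest[dst].add(dev)
            ext_bytes[dev] += nbytes

    findings = []
    for dev, dst, external, proto, _nbytes in flows:
        if not external:
            continue  # internal chatter is baseline IoT behaviour here
        reasons = []
        # Signal: no other company device communicates with this destination.
        if len(devices_per_dest[dst]) == 1:
            reasons.append("rare_destination")
        # Signal: no other device sends a comparable amount of outbound data.
        peers = [b for d, b in ext_bytes.items() if d != dev]
        if peers and ext_bytes[dev] > VOLUME_FACTOR * median(peers):
            reasons.append("volume_outlier")
        # Signal: protocol normally associated with audio and video.
        if proto in MEDIA_PROTOCOLS:
            reasons.append("media_protocol")
        if len(reasons) >= 2:
            findings.append((dev, dst, reasons))
    return findings


if __name__ == "__main__":
    for finding in find_anomalies(FLOWS):
        print(finding)
```

Requiring two signals together keeps a single noisy indicator, such as a one-off new destination, from raising an alert on its own.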
