Category Archives: Data

Hacking the Fish Tank

DarkTrace never ceases to amaze.

Check this report :: https://www.darktrace.com/resources/wp-global-threat-report-2017.pdf

Read #6:

Technological innovations keep businesses dynamic and pro table, their employees productive and creative, and their premises exciting and modern. A North American casino recently installed a high-tech sh tank as a new attraction, with advanced sensors that automatically regulate temperature, salinity, and feeding schedules.

To ensure these communications remained separate from the commercial network, the casino con gured the tank to use an individual VPN to isolate the tank’s data. However, as soon as Darktrace was installed, it identi ed anomalous data transfers from the sh tank to a rare external destination.

Anomalous activity detected:

  • Transfer of 10GB outside the network
  • No other company device had communicated with this external location
  • No other company device was sending a comparable amount of outbound data
  • Communications took place on a protocol normally associated with audio and video

The tank’s communication patterns included sporadic communications with company devices, but that activity was in line with similarly con gured IoT devices. The external data transfers, however, were deemed highly unusual by Darktrace’s AI algorithms.

The data was being transferred to a device in Finland where an attacker had managed to gain control over the tank. This was a clear case of data ex ltration, but far more subtle than typical attempts at data theft.

By targeting an unconventional device that had recently been introduced into the network, the attack managed to evade the casino’s traditional security tools. Darktrace’s Enterprise Immune System detected the threat because the technology does not make assumptions about where threats will arise. It detected a subtle anomaly that indicated a much larger threat, and it aided the casino in remediating the vulnerability. The incident demonstrates the need to have complete visibility of every user and device – including internet-connected sh tanks.

flockdata

Met one of the founders this week, Jeremy, for some coffee. Jeremy used to work at AWS Singapore and also did a local startup after that. Then he moved back to the USA to start flockdata with a partner from New Zealand.

http://www.flockdata.com/

There is so much going on in the data world. For guys like me I swear it takes a lot of work just to keep tabs on big data. My world now is keeping tabs on languages, advertising products (customer acquisition and revenue), web tech, mobile tech, streaming tech, analytics and now data. 

There are always lots of ways to skin something – you can roll your own, use the off the shelf stuff from AWS, grab lots of open source stuff or spend lots of cash on commercial products. I guess it all depends on money and time to market.

flcokdata has an interesting model and I plan on checking into it more.