How the IoT Goes From Pretty Cool to Oops in One Fishy Story

Once, there was a casino with an awesome fish tank that required a lot of monitoring to keep it operating efficiently for the fish. Enter the Internet of Things…

The fish tank had sensors connected to a PC that regulated the temperature, food and cleanliness of the tank.

OK, that’s kind of cool. We can monitor the situation with the tank without having to actually get into it and maybe disrupt whatever is going on in the casino. One small problem, though: an internet-connected fish tank is surely going to attract some attention, and it did.

 

“Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,” said Justin Fier, Darktrace’s director of cyber intelligence.

Yes, someone hacked into the fish tank monitoring PC, and used it to poke around and steal data from the rest of the network.

Amusing? Sure. Also, informative.

There are a ton of IoT devices that are not very secure. In this case, it’s a fish tank monitoring PC, the kind of thing that is extremely likely to get overlooked when it comes to security, because it’s not really integral to the business. (Note, though, that no one asked the fish how integral it was to them. They may have felt differently.) But why are these devices not segregated from the other parts of the network? Why wasn’t the fish cam on a guest wireless access point or something like that, firewalled off from the data that would actually be worth stealing? Given that we don’t know what data was stolen, or which casino it was, it is possible that it was segregated away and the only information stolen was historical data about the tank, so I’ll reserve judgement in this case, but it’s important to always ask yourself this question.

Connecting it to the internet might be cool, but why have it on the same connection as the stuff that you really need to protect? There’s no reason for that. That’s how your security ends up sleeping with the fishes. (Oh, that was awful…)
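
One way to ask that segregation question of your own network, as an added example that is not part of the original post: a small audit that checks whether any IoT device can open connections to a host holding data worth stealing, either because they share a segment or because a firewall rule lets the traffic through. The zone names, addresses, hosts and rules are all constructed for illustration.

```python
import ipaddress

# Constructed sample data: zone names, addresses, hosts and rules are all
# assumptions made for this example, not details from the incident.
ZONES = {
    "corp": ipaddress.ip_network("10.10.0.0/16"),
    "iot": ipaddress.ip_network("10.20.30.0/24"),
    "guest": ipaddress.ip_network("10.99.0.0/24"),
}
HOSTS = [
    {"name": "fishtank-pc", "ip": "10.10.4.17", "role": "iot"},
    {"name": "thermostat", "ip": "10.20.30.5", "role": "iot"},
    {"name": "lobby-cam", "ip": "10.99.0.40", "role": "iot"},
    {"name": "player-db", "ip": "10.10.8.2", "role": "sensitive"},
]
# Inter-zone firewall policy: first match wins, anything unmatched is dropped.
RULES = [
    ("iot", "corp", "deny"),
    ("guest", "corp", "allow"),  # the kind of leftover rule an audit should catch
    ("corp", "iot", "allow"),
]

def zone_of(ip):
    """Return the name of the zone whose subnet contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    return next((z for z, net in ZONES.items() if addr in net), None)

def reachable(src_zone, dst_zone):
    """Return a reason string if src can open connections to dst, else None."""
    if src_zone == dst_zone:
        return "same segment, no firewall in the path"
    for src, dst, action in RULES:
        if (src, dst) == (src_zone, dst_zone):
            return f"rule {src}->{dst} allows it" if action == "allow" else None
    return None  # default deny

def audit():
    """List (iot_host, sensitive_host, reason) for every exposed pairing."""
    findings = []
    for dev in (h for h in HOSTS if h["role"] == "iot"):
        for target in (h for h in HOSTS if h["role"] == "sensitive"):
            reason = reachable(zone_of(dev["ip"]), zone_of(target["ip"]))
            if reason:
                findings.append((dev["name"], target["name"], reason))
    return findings

if __name__ == "__main__":
    for dev, target, reason in audit():
        print(f"{dev} can reach {target}: {reason}")
```

The thermostat sits in its own zone behind a deny rule and produces no finding; the other two devices are the ones to move or firewall off.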
