By Philip   |  04-15-2018   News
Photo credit: digitaltrends.com

Like a real life, cyberpunk version of Oceans 11, hackers absconded a casino's high roller database by hacking into a thermometer in the lobby aquarium. This is just one example of hackers finding a vulnerability to exploit by breaking into vulnerable "smart" devices like air conditioners and CCTV to penetrate corporate systems.

<iframe width="854" height="480" src="https://www.youtube.com/embed/A48AJ_5nWsc" frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe>

In the Mike Judge series Silicon Valley a smart refrigerators' firmware is exploited. A Silicon Valley character hacks into the fridge which is later used to create a sort of smart-fridge botnet. In another episode, a smart-fridge spies on its owners.

The issues brought up by that episode were discussed last year when the episode aired and the idea of hacking through the firmware to brute-force the backdoor for the password is quite possible. Hacking security cameras and other "internet of things" due to embedded device vulnerabilities is a very real thing.

<iframe width="854" height="480" src="https://www.youtube.com/embed/B8DjTcANBx0" frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe>

CEO of cybersecurity company Darktrace, Nicole Eagan, spoke to the WSJ CEO Council in London last Thursday: "There's a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC [air conditioning] systems, to people who bring in their Alexa devices into the offices. There's just a lot of IoT. It expands the attack surface and most of this isn't covered by traditional defenses."

In regards to the casino exploit mentioned earlier, "The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud."

Head of the British government's digital spying agency GCHQ from 2014 to 2017, Robert Hannigan was on a panel with Eagan and took the same perspective considering the dangerous security flaws in the smallest of "smart" devices in or around the largest of things.

<blockquote>"With the internet of things producing thousands of new devices shoved onto the internet over the next few years, that's going to be an increasing problem," I saw a bank that had been hacked through its CCTV cameras because these devices are bought purely on cost," Hannigan said.</blockquote>

In Hannigan's opinion, standards should be put in place and implemented to protect against these devices being used as part of broader scale attacks. The need for "minimum security standards" being put in place on these devices was agreed on as well:

"It's probably one area where there'll likely need to be regulation for minimum security standards because the market isn't going to correct itself. The problem is these devices still work. The fish tank or the CCTV camera still work.

These kinds of vulnerabilities have affected smart fridges, in particular, to hack businesses for years now. An article in Business Insider from January 2014 describes a smart-fridge "botnet" as one of the first major Internet of Thing (IoT) cyber attacks. A couple of years back a Samsung smart refrigerator vulnerability that left your Gmail account log-in credentials open. The possibility of our smart devices conspiring against us only increases as we move more to ubiquitous wirelessness.

Source:

http://www.businessinsider.de/hackers-stole-a-casinos-database-through-a-thermometer-in-the-lobby-fish-tank-2018-4?r=UK&IR=T

Twitter: #surveillance #embeddeddevice #IoTSecurity
Share this article
Thoughts on the above story? Comment below!
6 Comment/s


Johnny Neptune No. 23198 1523802775

You fucking idiot. You've done it again! You can't do ANYTHING right, dipshit!

The second paragraph reads, "In the Mike Judge series Silicon Valley a recent subplot dealing with the potential for smart refrigerators' firmware to be exploited as a means to m"… a means to M ?… YOU STUPID PIECE OF SHIT !!

Anonymous No. 23210 1523827054

Now people are paying for amazon (who has massive cia contracts) to place listening devices and cameras in their homes. Not smart.

Anonymous No. 23219 1523831323

Seriously, hire me to write your fucking articles Jim, they're all shit.

[email protected]

Anonymous No. 23220 1523831434

Also, why the fuck do you think your userbase would even think about watching Silicon Valley?

Anonymous No. 23235 1523844531

Now thats Freaking cool. Stealing money through a aquarium thermometer !!!!!!!!!!!

Phil No. 23264 1523880857

>>23198

I'm totally not seeing the same error as you saw "Johnny" but thanks for reading,

>>23219

What if all our readers are only reading just to complain though? Then if we published your (far superior, obviously) work we might lose our readership. Alexa rankings don't lie and we've been steadily growing so might just stick with the "winning formula."

I'm an editor as well as writer here though, so if you'd like send me your samples at [email protected] and I'll try and get them floated up.

>>23220 You don't have to watch the show. I'm not asking anyone to watch the show. I enjoy watching the show and had been thinking about the embeddable device vulnerability issue when this story came along so I mentioned it.

Once again, thank you all for not only taking the time to read the article but for hating it enough to "engage" with the content. If not for hateviews, I might not have half the viewcount on many of my stories.

What do you think about this article?
Name
Comment *
Image

Muslim Activist Deported From US