Casino’s Smart Fish Tank Causes Issues
Posted on April 07, 2021 at 1:04am
An unconventional casino hack is once again placing new emphasis on the many dangers connected to a world in which devices are capable of communicating with one another thanks to the wonderful world of technology and the Internet of Things (IoT).
A smart and enterprising hacker has managed to tap into a so-called “smart fish tank” installed at an unnamed casino (for security reasons, of course), before transmitting at least 10GB of data to an unidentified online location registered in Finland.
The high-tech fish tank, aside from acting as an aesthetically appealing feature in the lobby of a casino, is capable of monitoring things such as temperature and salinity while also providing an automated feeding system for the residents of the tank. The problem, however, was that the smart tank had been connected to the casino’s own internal database – which is obviously how the skilled hacker eventually gained access to more than just the daily fish-feeding regime.
Hidden By The Obvious
According to a security report compiled by cyber-experts Darktrace, the smart tank would occasionally communicate with other connected devices operating throughout the casino, which would have been nothing out of the ordinary as far as interconnectivity goes. It was only once cybersecurity experts noticed that the tank had been sending unusually large amounts of data that a form of foul play was eventually suspected. But of course, by this time, the data had already been exported to the outside location.
What the tank had been exporting without being detected up until that point in time, had been large volumes of sensitive VIP-player information. The word was out: the casino’s security systems had officially been breached.
When A Tank Is Not Just A Tank
What makes the attack all the more noteworthy is its absolute subtlety, cyber experts now say.
Because of the ingenious way that the system had been hacked, the threat managed to avoid detection by the casino’s traditional in-house cybersecurity tools and safeguards. Since traditional security safeguards can only detect “known causes”, this particular breach had been a case of not being able to detect what isn’t known to be there.
According to Darktrace CEO Nicole Egan, the problem is mainly one of a never-ending attack surface created by a range of devices now typically part of the IoT landscape. Since everything from air conditioning systems to refrigeration appliances to baby monitors are now able to communicate with one another via IoT-powered interconnectivity, the possibilities for a breach are equally endless.
And those possibilities now officially include the humble fish tank.