April 16, 2018 by

Hackers Steal Casino’s High-Roller Database by Exploiting a Smart IOT Thermometer

Internet of Things (IOT) devices like CCTV cameras, air-conditioning units and even smart thermometers are being targeted by hackers to compromise and thieve corporate data.

In a notable revelation on Thursday, Nicole Eagen, chief executive of cybersecurity firm Darktrace claimed that a casino fell victim to hackers who targeted a smart thermometer that was installed to monitor the water temperature of an aquarium installed in the casino’s lobby. The hackers located and stole the casino’s database of high-roller clients, by hacking the thermometer.

“The attackers used that to get a foothold in the network,” Eagan said at a Wall Street Journal panel. “They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud,” she added.

That database is particularly valuable, storing details including some of the casino’s biggest spenders alongside other private details.

The proliferation and advent of connected smart devices is seeing everyday citizens more vulnerable to cyber attacks, she told the panel, pointing to this particular example.

Typically, these devices tend to have basic security protocols with few safeguards beyond the commonly used WPA2 Wi-Fi protocol. The widespread usage of IoT devices and the lack of robust cybersecurity measures make them a common attack vector for cybercriminals.

“There’s a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC systems, to people who bring in their Alexa devices into the offices,” she said, as cited by the Business Insider. “There’s just a lot of IoT. It expands the attack surface, and most of this isn’t covered by traditional defenses.”

Image credit: Pexels.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Researchers Develop Mirai Malware Vaccine for Insecure IoT Devices

Researchers have developed a novel new way to combat the dreaded Mirai botnet, the malware behind a...

Read more arrow_forward

U.S. Senators introduce New Bill that sets IoT Standards for Federal Suppliers

U.S. Senators are planning to introduce new bill that sets IoT standards for federal suppliers....

Read more arrow_forward

Artificial Intelligence - The Future of Cybersecurity

The sheer number of cyber-attacks and threats present in today’s world is considerable. As the...

Read more arrow_forward