Fine man, that Internet of Things. They will also find it at the casino that dropped the complete list of ‘high rollers’ – people who spend too much money in the casino and therefore receive special treatment – in the hands of hackers. The story, told byCEO of cybersecurity company Darktrace Nicole Eagan, is too bizarre for words.
Similarly, the thermometer that was installed in an aquarium in a casino. That kept the fish comfortable, but also proved to be an ideal entry for the hackers, who cracked the security of the device, entered the network and then had a relatively free play.
Once you are inside a network, the rest is not that difficult anymore, so the hackers found the list of high rollers and removed them from the network by the thermostat. How the casino finally found out is not clear, but it does show how easy you can overlook something that gives intruders access to your corporate network.
Whether it’s a security camera, temperature systems such as air-conditioners or freezers or even an Amazon Echo that takes someone to the office, they are all potential entrances and it’s getting more and more difficult to shut them all up.
Minimum security standard
How do you solve it? A solution could be to maintain a minimum security standard that IoT devices must meet to be used. You can leave that to the market, but they do not do it, says ex-boss of the British GCHQ . He also saw banks being hacked because they had bought cheap (but poorly secured) security cameras. “As long as all these devices continue to work, no-one will see the problem, where regulation will probably be necessary.”
Perhaps a good idea, because who wants to admit that they are robbed because hackers have entered via the smart toothbrush? Just explain that.