Hackers stole a casino's high-roller database through a thermometer in the lobby fish tank
- Darktrace CEO: Hackers are increasingly targeting unprotected 'internet of things' devices such as air condition systems and CCTV to get into corporate networks.
- In one incident, a casino was hacked through the thermometer in its lobby aquarium.
- Former GCHQ director calls for laws on minimum security standards for 'internet of things' devices.
LONDON - Hackers are increasingly targeting 'internet of things' devices to access corporate systems - everything from CCTV cameras to air-conditioning units.
The "internet of things" refers to devices that are hooked up to the internet to allow live streams of data to be monitored. The term covers everything from household appliances to widgets in power plants and everything in between.
Nicole Eagan, the CEO of cybersecurity company Darktrace, told the WSJ CEO Council in London on Thursday: "There's a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC [air conditioning] systems, to people who bring in their Alexa devices into the offices. There's just a lot of IoT. It expands the attack surface and most of this isn't covered by traditional defenses."
Eagan gave one memorable anecdote about a case Darktrace worked on where an unnamed casino was hacked via a thermometer in a lobby aquarium.
"The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud," she said.
Robert Hannigan, who ran the British government's digital spying agency GCHQ from 2014 to 2017, appeared alongside Eagan on the panel and agreed that hackers targeting internet of things devices is a growing problem for companies.
"With the internet of things producing thousands of new devices shoved onto the internet over the next few years, that's going to be an increasing problem," Hannigan said. "I saw a bank that had been hacked through its CCTV cameras because these devices are bought purely on cost."
He said regulation to mandate safety standards would likely be needed.
"It's probably one area where there'll likely need to be regulation for minimum security standards because the market isn't going to correct itself," he said. "The problem is these devices still work. The fish tank or the CCTV camera still work."
- ‘Padman of 2022’: Shark Peyush Bansal offers founder of women’s hygiene startup PadCare a blank cheque
- Gautam Adani lost $52 billion in 6 days. That's over 3 times what Sam Bankman-Fried lost in a similar timeframe.
- A 45-year-old biotech CEO may have reduced his biological age by at least 5 years through a rigorous medical program that can cost up to $2 million a year, Bloomberg reported
- Measures in place to address excess volatility: Sebi on Adani crisis
- Revival of rural economy to take time in the absence of triggers: JM Financial
- Logistics startup FarEye lays off 90 employees, 2nd job cut in 8 months
- Vani Jayaram, the voice behind 10,000 songs, passes away at 78
- Not the first time FPO is taken back, won't affect image of the country: FM