Hackers are constantly on the hunt to find new and, at times, obscure ways to access people’s data.

They’ve been in medical devices and superyachts and the latest is, you guessed it, a fish tank.

For real.

In an attempt to acquire data from an unnamed North American casino, hackers used an Internet-connected fish tank, reports Washington Post:

The hackers attempted to acquire data from a North American casino by using an Internet-connected fish tank, according to a report released Thursday by cybersecurity firm Darktrace.

The fish tank had sensors connected to a PC that regulated the temperature, food and cleanliness of the tank.

Serious:

“Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data,” said Justin Fier, Darktrace’s director of cyber intelligence.

The name of the casino and type of data wasn’t disclosed for “security reasons”, but the report did say that “10 GB of data was sent out to a device in Finland”.

“This one is the most entertaining and clever thinking by hackers I’ve seen,” said Hemu Nigam, a former federal prosecutor for computer crimes and current chief executive of SSP Blue, a cybersecurity company.

But fishtanks aren’t the only random thing that hackers might look at to gain access into your network. As more and more products become smarter, ultimately growing the Internet of Things (IoT) network, another privacy risk is children’s toys.

Yup, by hacking into children’s toys, hackers can learn your child’s name, location and other personal information:

Fier said that with the recent FBI toy warning and the many ways by which hackers are trying to break into systems, he wouldn’t be surprised if the government eventually got involved in regulating Internet of Things, IoT, products. But he said, even if it did, that would raise other questions.

“Everything has to go through FTC approval, I’d be curious to see if that happens on the cyber front,” he said. “That you have to do the bare minimum to protect these products. But that’s just for the U.S. How do you do this globally?”

As for what people can do to protect themselves against these kinds of attacks? Errr, get yourself protected with NEWORDER.

It’s time you started taking advantage of any security protection, whether it’s through educating yourself about IoT products or updating operating systems and software. You need to realise cybercrime is a reality – after all, it’s not a matter of if, but when.

With a strategic and tactical insight into an organisation’s actual state of security, NEWORDER verifies whether the best practices and adequate safety measures are in place to mitigate and minimise the impact of known and unknown security risks.

Oh, and stick to the old fashioned fish tanks for now.

[source:washingtonpost]