Technology
Darktrace releases Internet of Things security report
-
As Internet of Things (IoT) devices become more
prevalent, so do the ways that hackers exploit them, according
to the Darktrace 2018 Threat Report, released Tuesday. -
In one instance, hackers took over a digital parking
payment kiosk and connected it to websites featuring adult
content. -
In another instance, hackers connected to industrial
blenders, slicers and other connected devices on a food
assembly line in an attempt to access the greater
network.
In a recent incident, hackers took control of a digital parking
kiosk and connected it to websites featuring adult content,
according to researchers at the cybersecurity company Darktrace.
The kiosk didn’t actually display the content,
which actually makes the stunt more confusing: If it wasn’t for a
weird prank, then why even bother?
“It’s unknown what the attacker’s motive might have been,” says
Darktrace.
But it points to a worrisome trend, as the company revealed
Tuesday by Darktrace in its annual Threat Report, which
highlights bizarre and unexpected ways that so-called black hat
hackers attempt to subvert and infiltrate networks. The key
takeaway is that if there’s a flaw, hackers will find and exploit
it.
“The incident exemplifies the vulnerabilities that IoT devices
can pose and the need for comprehensive cyber defense across the
entire digital infrastructure,” the report says.
Darktrace
uses AI to identify unusual activity on a network,
particularly involving unconventional connected devices.
In another instance recorded by the Darktrace report, hackers
attempted to get into a corporate network by connecting to
different IoT devices on an industrial food assembly line. They
managed to connect to industrial blenders, slicers and baggers in
an attempt to move within the network.
IoT devices like blenders don’t contain valuable or exploitable
information, such as corporate pay stubs. But the hackers wanted
to trick the IT network into letting them connect to the greater
company IT network. In theory, the hackers could move around the
network until making their way onto a PC or phone
that does have valuable data.
Of note is that in this example, the internet-connected
appliances hadn’t been vetted by the factory’s security experts.
They were just purchased, put online, and connected to the
network.
“Crucially, these devices did not have approval from the security
team to be connected to the core IT infrastructure. By
correlating these factors in real time, Darktrace’s AI detected
the anomalous behavior and determined the activity to be a
significant risk to the organization’s assembly line,” according
to the report.
In another similar instance, hackers took control of personal
storage lockers at an amusement park in North America. These
smart lockers connect with a third-party online platform when
employees entered their access codes. The hackers used the locker
connection to hitch a ride into the third-party platform and
swipe data.
“The connections, which could have included identifying details
or sensitive credentials, had the potential to be transmitted
over the internet entirely unprotected – giving the attackers
ability to intercept the connections
and use the information to breach the company’s network
defenses,” according to the report.
-
Business7 days ago
Lordstown Motors’ ousted CEO settles with SEC for misleading investors
-
Business6 days ago
Apple sued, Microsoft’s AI ambitions and Nvidia’s surprises
-
Business5 days ago
TechCrunch Mobility: The wheels are starting to come off the Fisker EV bus
-
Entertainment4 days ago
Amazon Big Spring Sale 2024: Shop 350+ deals on Apple, robot vacuums, security cameras, more
-
Business4 days ago
Maju Kuruvilla is out as CEO of one-click checkout company Bolt
-
Entertainment3 days ago
Where’s the AI in these ‘AI-powered’ products for your home?
-
Entertainment4 days ago
Asus ROG Zephyrus G14 (2024): The MacBook Pro of gaming laptops
-
Entertainment6 days ago
Amazon’s Big Spring Sale 2024: Shop 340+ deals on Apple, robot vacuums, security cameras, more