A hacker managed to use a smart fish tank to gain access to a casino, according to a report from a security firm.
According to CNN, the fish tank was used as a point of entry, allowing the intruders to move laterally through the network. They managed to use the tank to send data to Finland before security firm Darktrace shut them down.
The casino with the fish tank goes unnamed, though it might have been alluded to in an interview Darktrace’s co-founder Dave Palmer gave earlier this year:
We’ve seen insiders sneak data out of heavily-protected organizations by attacking digitally-connected fish tanks. Completely blew my mind. Who would plug their fish tank into the internet? Well it turns out lots of people do.
It’s also possible he was referring to a separate incident, as evidenced by the plural “tanks.” Palmer related a story to Financial News London about a smart fish tank in the reception area of a payment and transaction company. Someone stored data on the tank’s internal memory, then used its connection to move the data outside the building into nefarious hands.
In each instance, the smart tank was being monitored by an external party responsible for its water levels. Whether it’s the same tank or not, it sounds pretty fishy to me.