Smart Drawing Pads Used for DDoS Attacks, IoT Fish Tank Used in Casino Hack

[LASER_oneXM]

Some clever hackers found new ways to use the smart devices surrounding us, according to a report published last week by UK-based cyber-defense company Darktrace.

The report, entitled the Darktrace Global Threat Report 2017, contains nine case studies from hacks investigated by Darktrace, among which two detail cyber-incidents caused by IoT devices.

Smart drawing pads used for DDoS attacks
In one of these case studies, Darktrace experts reveal how an unknown hacker had hijacked the smart drawing pads used at an architectural firm to carry out DDoS attacks as part of an IoT botnet.

The hacker had used the default login credentials that came with the design pad software to take over the devices, which the architectural firm had connected to its internal WiFi network, and was exposing to external connections.

Smart fish tank used to hack North American casino
Another case where attackers leveraged a smart device was at a North American casino. Darktrace says that an unknown hacker had managed to take over a smart fish tank the casino had installed at its premises for the enjoyment of its guests.

In spite of the fact that the fish tank was installed on its own VPN, isolated from the rest of the casino's network, the hacker managed to break through to the mainframe and steal data from the organization.