- As Internet of Things (IoT) devices become more prevalent, so do the ways that hackers exploit them, according to the Darktrace 2018 Threat Report.
- In one instance, hackers took over a digital parking payment kiosk and connected it to websites featuring adult content.
- In another instance, hackers connected to industrial blenders, slicers and other connected devices on a food assembly line in an attempt to access the greater network.
In a recent incident, hackers took control of a digital parking kiosk and connected it to websites featuring adult content, according to researchers at the cybersecurity company Darktrace. The kiosk didn’t actually display the content, which actually makes the stunt more confusing: If it wasn’t for a weird prank, then why even bother?
“It’s unknown what the attacker’s motive might have been,” says Darktrace.
But it points to a worrisome trend, as Darktrace will reveal in its annual Threat Report, to be released on Wednesday, which highlights bizarre and unexpected ways that so-called black hat hackers attempt to subvert and infiltrate networks. The key takeaway is that if there’s a flaw, hackers will find and exploit it.
“The incident exemplifies the vulnerabilities that IoT devices can pose and the need for comprehensive cyber defence across the entire digital infrastructure,” the report says.
Darktrace uses AI to identify unusual activity on a network, particularly involving unconventional connected devices.
In another instance recorded by the Darktrace report, hackers attempted to get into a corporate network by connecting to different IoT devices on an industrial food assembly line. They managed to connect to industrial blenders, slicers and baggers in an attempt to move within the network.
IoT devices like blenders don’t contain valuable or exploitable information, such as corporate pay stubs. But the hackers wanted to trick the IT network into letting them connect to the greater company IT network. In theory, the hackers could move around the network until making their way onto a PC or phone that does have valuable data.
Of note is that in this example, the internet-connected appliances hadn’t been vetted by the factory’s security experts. They were just purchased, put online, and connected to the network.
“Crucially, these devices did not have approval from the security team to be connected to the core IT infrastructure. By correlating these factors in real time, Darktrace’s AI detected the anomalous behaviour and determined the activity to be a significant risk to the organisation’s assembly line,” according to the report.
In another similar instance, hackers took control of personal storage lockers at an amusement park in North America. These smart lockers connect with a third-party online platform when employees entered their access codes. The hackers used the locker connection to hitch a ride into the third-party platform and swipe data.
“The connections, which could have included identifying details or sensitive credentials, had the potential to be transmitted over the internet entirely unprotected – giving the attackers ability to intercept the connections and use the information to breach the company’s network defences,” according to the report.