Hackers reportedly took over a digital parking lot kiosk and connected it to a porn site for no apparent reason — and it hints at a worrying trend

parking lot

  • As Internet of Things (IoT) devices become more prevalent, so do the ways that hackers exploit them, according to the Darktrace 2018 Threat Report, released Tuesday.
  • In one instance, hackers took over a digital parking payment kiosk and connected it to websites featuring adult content.
  • In another instance, hackers connected to industrial blenders, slicers and other connected devices on a food assembly line in an attempt to access the greater network.

In a recent incident, hackers took control of a digital parking kiosk and connected it to websites featuring adult content, according to researchers at the cybersecurity company Darktrace. The kiosk didn't actually display the content, which actually makes the stunt more confusing: If it wasn't for a weird prank, then why even bother?

"It’s unknown what the attacker’s motive might have been," says Darktrace.

But it points to a worrisome trend, as the company revealed Tuesday by Darktrace in its annual Threat Report, which highlights bizarre and unexpected ways that so-called black hat hackers attempt to subvert and infiltrate networks. The key takeaway is that if there's a flaw, hackers will find and exploit it. 

"The incident exemplifies the vulnerabilities that IoT devices can pose and the need for comprehensive cyber defense across the entire digital infrastructure," the report says. 

Darktrace uses AI to identify unusual activity on a network, particularly involving unconventional connected devices. 

In another instance recorded by the Darktrace report, hackers attempted to get into a corporate network by connecting to different IoT devices on an industrial food assembly line. They managed to connect to industrial blenders, slicers and baggers in an attempt to move within the network.

IoT devices like blenders don't contain valuable or exploitable information, such as corporate pay stubs. But the hackers wanted to trick the IT network into letting them connect to the greater company IT network. In theory, the hackers could move around the network until making their way onto a PC or phone that does have valuable data.

Of note is that in this example, the internet-connected appliances hadn't been vetted by the factory's security experts. They were just purchased, put online, and connected to the network. 

"Crucially, these devices did not have approval from the security team to be connected to the core IT infrastructure. By correlating these factors in real time, Darktrace’s AI detected the anomalous behavior and determined the activity to be a significant risk to the organization’s assembly line," according to the report.

In another similar instance, hackers took control of personal storage lockers at an amusement park in North America. These smart lockers connect with a third-party online platform when employees entered their access codes. The hackers used the locker connection to hitch a ride into the third-party platform and swipe data.

"The connections, which could have included identifying details or sensitive credentials, had the potential to be transmitted over the internet entirely unprotected – giving the attackers ability to intercept the connections
and use the information to breach the company’s network defenses," according to the report.

SEE ALSO: Cybersecurity is a $81.7 billion market — and startups are raking in the dough

Join the conversation about this story »

NOW WATCH: A diehard Mac user switches to PC



from Tech Insider https://ift.tt/2OvqnfL

Comments

Popular posts from this blog

Zombie startups

Guilherme Rambo, who has published scoops about unreleased Apple products by examining beta software, says Apple locked his dev account with no stated reason (Buster Hein/Cult of Mac)

Minneapolis Mayor Jacob Frey wins tough reelection fight over a slew of challengers