Smart drawing board used for DDoS attack and IoT aquarium used to hack Casino

Named the Darktrace Global Threat Report 2017, there are 9 actual cases reported from investigations of hacking cases, of which 2 cases are caused by IoT devices.

Smart drawing board used in DDoS attacks

In one case, Darktrace's experts revealed how an unknown hacker hijack an intelligent drawing board used in an architectural enterprise to perform DDoS attacks, as part of IoT botnet.

Hacker used the default login information to gain access to the device, while it was connected to the company's internal WiFi network. 'The attacker scans the Internet and discovers an easy-to-penetrate smart drawing board that exploits and sends a lot of data to many websites around the world, owned by entertainment, design and government companies ', the report said. 'The company may be held responsible for interfering with other systems'.

Smart aquarium used to hack casinos in the US

Another case is when attackers use smart devices to hack a casino. Darktrace said the hacker took over the management of the casino's aquarium, which was used to entertain guests. Despite having a separate and isolated VPN installed from the casino system, the aquarium is still broken by hackers, going to mainframes and stealing data.

Smart drawing board used for DDoS attack and IoT aquarium used to hack Casino Picture 1
10GB of data in casinos was stolen due to hacked fish tanks

'Data is transferred to a device in Finland,' Darktrace said. 'No company device has connected to this external address.' 'No company device sends such external data,' experts added. 'Data transfer takes place according to the basic protocol that is related to audio and video'. Hacker stole 10GB of data by transferring it through the IoT aquarium.

Several other hack scenarios in Darktrace's report include an insurance company in the US that hijacked a server with a bitcoin digger, in some cases the company was hacked by former employees.