The cyber savvy have heard of phishing – sending thousands of malware-laden emails hoping for one unsuspecting click – but the Internet of Things introduced a new kind of fishing. It involved actual fish.
An internet-connected fish tank in a North American casino was used as an initial entry point into the casino’s network. This is one of nine examples of unusual attack vectors listed in a recent report from the security firm Darktrace. This report contains nine real-world examples where sophisticated methods, advanced technologies, or unusual strategies were employed.
The report warns that “…we are seeing new areas of vulnerability arise as modern companies embrace the ‘Internet of Things’. The proliferation of new connected objects multiplies the inroads to critical networks and data, yet organizations often have remarkably poor visibility of these hidden outposts of their networks. ”
In addition to the threat posed by “things”, the increasing digitization of everyday work processes means that legitimate network users can (accidentally) expose data and systems to significant vulnerabilities.
Another growing security concern is that the automation of malware production means that attackers can spread malicious software at lightning speed, outpacing the efforts of human security teams to identify and block new variants of threats.