Many may remember the TV series, “Flipper.” For those who do not remember, the theme and plot is as follows: Flipper, a bottle-nose dolphin, helps to protect his lagoon park and preserve its wild inhabitants. He is instrumental in apprehending criminals and thugs in the park.
How does this story draw parallels to cybersecurity?
This past week, an unnamed North American casino experienced a cybersecurity breach via a fish tank. The casino’s self-cleaning fish tank, programmed via sensors to monitor water temperatures and fish feeding schedules, was targeted by hackers. Through the fish tank system, the cyber thugs broke into the casino’s computer network and downloaded sensitive data to a Finland location.
Connecting the dots of this story back to “Flipper,” the idea of observing and monitoring one’s environment is vitally important. Like Flipper—whose role was to apprehend criminals through observation and data collection—we must remain vigilant, and can no longer blindly trust even the most innocent of devices, such as programmed fish tanks.
Fish tanks are now IoT devices on our networks and, as seen in the case of this casino, can create an open door for clever cyber thugs. Today’s cyber thugs and criminals leave breadcrumbs of information that we can collect to understand the risks associated with certain IT decisions. The same advice and best practices apply to fish tanks as they do to any other sensor on our networks. Understand, Monitor, Prevent and Segment to protect your most critical assets: DATA!