Results 1 to 5 of 5

Thread: A smart fish tank left a casino vulnerable to hackers

  1. #1
    Frequent Visitor
    Join Date
    Mar 2017
    Location
    US, Central
    Posts
    355

    A smart fish tank left a casino vulnerable to hackers

    Thought this was interesting. They don't state the controller used.
    http://money.cnn.com/2017/07/19/tech...ace/index.html

  2. #2
    Frequent Visitor Justin L's Avatar
    Join Date
    Jan 2013
    Location
    Birmingham, AL
    Posts
    541
    More like a Network Admin who doesn't understand proper VLAN isolation left a casino vulnerable. In "the business" we call that a RGE, Resume Generating Event.

  3. #3
    Fish Whisperer cypherljk's Avatar
    Join Date
    Oct 2013
    Location
    Charlotte, NC
    Posts
    442
    They did have safeguards in place. I wish they would have stated the manufacturer and the issue so it could be prevented by other users.

  4. #4
    Frequent Visitor Justin L's Avatar
    Join Date
    Jan 2013
    Location
    Birmingham, AL
    Posts
    541
    Quote Originally Posted by cypherljk View Post
    They did have safeguards in place. I wish they would have stated the manufacturer and the issue so it could be prevented by other users.
    I suppose, but I deal with PLC's on a daily basis. In no real world deployment should your PLC's be internet facing, or even unsecured network facing for that matter. In order to access our PLC's you have to be physically on that VLAN with an approved MAC or RDC'ed into the one single "blessed" VM to get access.

  5. #5
    Frequent Contributor zombie's Avatar
    Join Date
    Dec 2013
    Location
    Denver, CO
    Posts
    13,176
    Quote Originally Posted by cypherljk View Post
    They did have safeguards in place. I wish they would have stated the manufacturer and the issue so it could be prevented by other users.
    I've searched and no info was ever made public that I could find. Chances are it was unsecured access from telnet or http port forwarding, which would mean that any controller on the market (with the exception of fusion only apex with no port forwarding) or even a custom PLC based controller could have had that intrusion. More than likely I expect this was a case of an aquarium maintenance company setting up the controller on the casino network without any whitelisting.

    You might be an engineer if...You have no life and can prove it mathematically.

Similar Threads

  1. Replies: 2
    Last Post: 10-04-2018, 09:44
  2. Is the 2016 Apex vulnerable to KRACK Wi-Fi attack?
    By Krazie4Acans in forum A2 Apex/ApexEL and A3 Apex Pro/Apex/Apex Jr
    Replies: 1
    Last Post: 10-17-2017, 19:17
  3. Question: How Safe is Neptune Apex Fusion from hackers ?
    By tomcoleman in forum APEX Fusion
    Replies: 41
    Last Post: 08-08-2017, 15:14
  4. Help! Smart ATO help please
    By lewisrburks in forum APEX Fusion
    Replies: 0
    Last Post: 12-01-2016, 06:45
  5. Fish Room to Tank with Apex
    By Cthomas1026 in forum Pre-Sales Questions
    Replies: 6
    Last Post: 12-16-2015, 22:40

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •