How can you hack a casino via a fish tank?
Since the advent of the Internet, the world has become completely interconnected. Right now, we can go shopping in the USA, book a hotel in Thailand and have instantaneous correspondence with people from all corners of the world without even standing from our desk. The Internet of Things pushes the interconnectivity to a higher level, bringing the network to everyday household objects. This way, we can control our house lighting, the temperature of a particular room, or check if our baby is asleep using only a smartphone. Furthermore, these smart devices can talk to each other without even requiring human intervention, so our alarm clock can set the kitchen lights on and tell the kettle to start boiling water when it is time to get out of bed.
All these capabilities are possible thanks to the presence of small, low-power, cost-effective computers. They control the devices in question and communicate with each other sending simple messages through our wireless network. Such small devices do not have the security capabilities a desktop computer can have, and the IoT network is thus sensitive to hacking, allowing a potential attacker to read the network traffic or even to control these devices against our will. One of the weak points in IoT networks comes from the random numbers used to encrypt data they send and receive. A poorly seeded algorithm or a source of entropy that can be manipulated can result in predictable outputs that can be easily guessed and used to de-encrypt the network traffic, or control devices without permission.
Although it might not seem important whether someone can stop a kettle from working, there are many cases where the compromised information can be very sensitive. Take for example baby monitors. Whilst they are very useful tools allowing us to check whether our baby is asleep or not thanks to the integrated video camera, or comfort them using a built-in speaker if they are having a bad dream, they can give virtual access to an unwanted person into our house, allowing him to watch what is happening in a particular room, if we are at home or not, or even speak to the child without anyone else noticing. There are many examples of hacks such as these in recent years due to poor security in IoT devices –more here.
In many cases, having a weak node in a network is enough to compromise the whole system. It was recently reported how an innocent IoT-enabled fish tank allowed some hackers to break into a casino’s network due to its deficient security!
Quantum Base has developed a simple random number generator. When incorporated into IoT devices it could be cheaper, smaller and use less power than existing solutions –but crucially it will fix a big problem in the security of these systems. Find out more here.
A study found that more than 80 per cent of companies have been hit with IoT breaches