HITS Daily Double

Recently, according to a report from the cybersecurity firm Darktrace (covered in The Washington Post and elsewhere), a North American casino was hacked, and the attackers absconded with a list of high rollers. The gambling establishment’s name has not been released. What’s noteworthy about this heist? The hackers got into the casino’s network via an Internet-enabled thermometer in the fish tank.

The incursion has raised alarm bells—inaudible, perhaps, in our age of constant alarm, but noisy nonetheless—about the vulnerabilities presented by the so-called “Internet of Things.” Electronic devices of all sorts are now networked without the slightest security, meaning they’re infinitely exploitable by bad actors seeking entry to companies’ troves of data.

Such devices, including but not limited to security cameras, HVAC, lighting systems and small appliances (see Silicon Valley’s plot device about hacked fridges, for example), are typically purchased based on price, as plant managers seek to limit overhead. Security is rarely even considered.

“What’s this got to do with me?” You ask. “I don’t have an Internet-enabled fish-tank thermometer, because no one would entrust me with the care of living things.” Perhaps not, but the odds are you have other minimum-security devices riding on your network—like voice-enabled speakers. If there’s anything on that network you wouldn’t want to fall into the wrong hands, you might want to look into the matter. Just sayin’.

Alexa, play me some songs about data theft.