Design World

  • Home
  • Technologies
    • ELECTRONICS • ELECTRICAL
    • Fastening • joining
    • FLUID POWER
    • LINEAR MOTION
    • MOTION CONTROL
    • SENSORS
    • TEST & MEASUREMENT
    • Factory automation
    • Warehouse automation
    • DIGITAL TRANSFORMATION
  • Learn
    • Tech Toolboxes
    • Learning center
    • eBooks • Tech Tips
    • Podcasts
    • Videos
    • Webinars • general engineering
    • Webinars • Automated warehousing
    • Voices
  • LEAP Awards
  • 2025 Leadership
    • 2024 Winners
    • 2023 Winners
    • 2022 Winners
    • 2021 Winners
  • Design Guides
  • Resources
    • Subscribe
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Engineering diversity
    • Trends
  • Supplier Listings
  • Advertise
  • Subscribe

Four Bizarre Connected Items Used To Wage Cyberattacks

By Michael Luciano | December 15, 2017

In recent years, cyberattacks have been on the rise, and don’t seem to be limited by choice of targets. With the degree of internet connectivity in our homes, jobs, and vehicles, cybercriminals are never short of openings. As we all know, the Internet-of-Things (IoT) gives everyday devices online connectivity, a number that’s projected to reach the tens of billions by 2020.

Only in recent years have researchers and industry experts realized the IoT has ultimately become a source of multiple outlets that hackers can target, if they want to infiltrate an online network. As a result, we’ve seen an array of cyberattacks (varying in severity) that started by a hacker breaching one (or multiple) connected items that most of us wouldn’t even expect to be capable of becoming that gateway for cybercriminals to access a network, or have any internet connectivity at all. Below are four unordinary items that have been used to facilitate cyberattacks in recent years, most of which (at least at the time of the incident) nobody ever truly expected to be used in that context.

 

Fish Tank

A report from the cyber defense firm Darktrace, details an instance where a fish tank was used in a cyberattack to extract data from a North American casino. The unnamed casino featured a high-tech fish tank model with internet connectivity that allowed the tank to be remotely monitored, receive automatic temperature and salinity adjustments, and even automate feedings.

Upon connecting to the fish tank’s sensors, the cybercriminals discovered additional vulnerabilities, and were able to move laterally throughout the network. The data was already flowing by the time Darktrace was called, who immediately detected the tank’s unusual activity once they began monitoring the company’s network. While the tank’s communication network with the casino’s appeared normal, the data being pumped to the outside raised a few red flags. Up to 10 gigabytes of data was stolen by hackers, and the data was sent to a remote server in Finland.

 

Digital Video Recorder (DVR)

One of the biggest cyberattacks that occurred in recent memory targeted the New Hampshire-based company Dyn, which monitors and routes internet traffic. In October of 2016, hackers temporarily took down popular websites for several hours like Amazon, Twitter, Netflix, and Etsy (just to mention a few). The attack was implemented in the form of DDoS (distributed denial of service), where a server is bombarded with millions of fake requests, preventing the server from responding to real ones, and crashing under the weight.

The cybercriminals (who were never caught), “enslaved” ordinary household electronic devices with internet connectivity that included a large number of DVRs. The hackers created a “digital army” of co-opted robot networks (a botnet) that sent millions of requests to Dyn’s servers. These requests were directed at will, which knocked out the servers. Mirai software from phishing emails first infected computers or home networks that perpetuated the attack by spreading to connected devices like DVRs, cable set-top boxes, routers, and surveillance cameras.

 

Tea Kettle

While there’s no widespread knowledge or documented instances confirming a tea kettle was used to facilitate a cyberattack, a security researcher demonstrated how internet-connected tea kettles can make the perfect beacon for hackers. Ken Munro, who works at PenTest Partners, infiltrated an insecure iKettle, a device whose developers proclaimed was “the world’s first WiFi kettle”, by using a home’s stolen WiFi password. The kettle, which could connect to a user’s home WiFi network, has a built-in Android and iOS app, allowing the user to switch on the kettle and boil water from another location.

The device’s biggest flaw is in the Android iKettle app, which keeps the kettle’s password as the default value. Munro used a directional antenna aimed at the target house where the iKettle was being used, forcing the device to drop its current WiFi network, and tricking the kettle into connecting with Munro’s unencrypted WiFi network. The iKettle connected using the same credentials for its original encrypted network. Munro was able to convince the iKettle to provide the encrypted network’s key by sending two commands via Telnet, which enabled the device to hand Munro the encryption in plain text.

 

Drawing Pads

In another bizarre cyberattack documented by Darktrace, an unknown cybercriminal hijacked smart drawing pads used at an architectural firm to perpetuate a DDoS attack as part of an IoT botnet. The hacker used default login credentials that came with the design pad software to infiltrate the devices. It’s worth noting the architectural firm had the smart pads connected to its internal WiFi network, and was being exposed to external connections. The hacker exploited the smart drawing pads to send high volumes of data to websites across the globe that were owned and operated by entertainment and design companies, along with government entities.

You Might Also Like


Filed Under: M2M (machine to machine)

 

LEARNING CENTER

Design World Learning Center
“dw
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for Design Engineering Professionals.
Motor University

Design World Digital Edition

cover

Browse the most current issue of Design World and back issues in an easy to use high quality format. Clip, share and download with the leading design engineering magazine today.

EDABoard the Forum for Electronics

Top global problem solving EE forum covering Microcontrollers, DSP, Networking, Analog and Digital Design, RF, Power Electronics, PCB Routing and much more

EDABoard: Forum for electronics

Sponsored Content

  • Sustainability, Innovation and Safety, Central to Our Approach
  • Why off-highway is the sweet spot for AC electrification technology
  • Looking to 2025: Past Success Guides Future Achievements
  • North American Companies Seek Stronger Ties with Italian OEMs
  • Adapt and Evolve
  • Sustainable Practices for a Sustainable World
View More >>
Engineering Exchange

The Engineering Exchange is a global educational networking community for engineers.

Connect, share, and learn today »

Design World
  • About us
  • Contact
  • Manage your Design World Subscription
  • Subscribe
  • Design World Digital Network
  • Control Engineering
  • Consulting-Specifying Engineer
  • Plant Engineering
  • Engineering White Papers
  • Leap Awards

Copyright © 2025 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Design World

  • Home
  • Technologies
    • ELECTRONICS • ELECTRICAL
    • Fastening • joining
    • FLUID POWER
    • LINEAR MOTION
    • MOTION CONTROL
    • SENSORS
    • TEST & MEASUREMENT
    • Factory automation
    • Warehouse automation
    • DIGITAL TRANSFORMATION
  • Learn
    • Tech Toolboxes
    • Learning center
    • eBooks • Tech Tips
    • Podcasts
    • Videos
    • Webinars • general engineering
    • Webinars • Automated warehousing
    • Voices
  • LEAP Awards
  • 2025 Leadership
    • 2024 Winners
    • 2023 Winners
    • 2022 Winners
    • 2021 Winners
  • Design Guides
  • Resources
    • Subscribe
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Engineering diversity
    • Trends
  • Supplier Listings
  • Advertise
  • Subscribe
We use cookies to personalize content and ads, to provide social media features, and to analyze our traffic. We share information about your use of our site with our social media, advertising, and analytics partners who may combine it with other information you’ve provided to them or that they’ve collected from your use of their services. You consent to our cookies if you continue to use this website.OkNoRead more