Smart fish tank exposes casino to hackers

22 Jul, 2017 13:52 / Updated 7 years ago

A casino in North America was the victim of a hack infiltrated through the gambling house’s internet connected smart fish tank, sending data to an unknown actor in Finland.

The smart fish tank contains sensors to regulate temperature and feeding. The casino used an individual VPN for the tank data, “to ensure these communications remained separate from the commercial network,” cybersecurity company Darktrace explained.

Darktrace discovered the tank had been compromised and detected “highly unusual” data activity being sent from a device in Finland. The fish tank attack was revealed in its security report published this week.

Ten GB of data had been sent outside the network, and no other company device had been in communication with the Finland location. “Communications took place on a protocol normally associated with audio and data,” they explained.


“The data was being transferred to a device in Finland where an attacker had managed to gain control over the tank,” Darktrace said. “This was a clear case of data exfiltration, but far more subtle than typical attempts at data theft.”

READ MORE: Hackers access millions of Social Security numbers, 10 states affected


The fish tank hack raises concerns about vulnerabilities in smart devices, which can allow hackers to gain control of household items.