Data Heists From the Headlines

Isn’t there a new Ocean’s Eleven reboot in the works?  I think we’ve just found the plot for the next one.  I love everything about this story (aside from the breached data, of course).  Hacking a casino through a thermostat in one of its fish tanks sounds like a perfect premise for Hollywood summer fluff, yet that’s exactly what happened in a certain casino.  According to cybersecurity firm Darktrace, the connected device was used “to get a foothold in the network,” from which the attackers located and then extracted the database of high rollers.

What isn’t great about this incident, however, is in the implication.  The trend of attack vector expansion due to Internet of Things devices continues apace.  More smart devices translate to more opportunities for hackers to infiltrate.  One bank was even hacked through its CCTV cameras, relates Robert Hannigan, former UK spy agency head.  “It’s probably one area where there’ll likely need to be regulation for minimum security standards, because the market isn’t going to correct itself,” he argues.

Well, at the very least, certain members of Congress seem to be taking this a bit more seriously since Mark Zuckerberg’s testimony.  And by “this,” I mean customer data.  Several bills have already begun circulating, targeting Facebook and other tech giants.  One, the MY DATA Act, would expand the reach of the Federal Trade Commission to enable it to target internet service providers for “unfair and deceptive” practices.  The BROWSER Act would enact user permission requirements for certain internet providers to use the data, while the CONSENT Act similarly requires an opt-in agreement available to users, who must also be informed in the event of a breach.

Unfortunately, all these are just proposals at this time.  None of them, moreover, seem to have much chance at actually becoming law.  Support for each is minimal, and generally divided along party lines.

What action is ultimately taken remains to be seen.  But data collection and use aren’t going to slow down.  The IoT, Facebook, and the rest are only reaching more and more people around the world.  If nothing substantial is done, then there could be a whole lot of heist movies taken straight from the headlines.


By: Jonathan Weicher, post on April 18, 2018
Originally published at: http://www.netlibsecurity.com
Copyright: NetLib Security