Casino Aquarium Hack
 

Has anyone know heard what controller / network setup the casino was using?

http://money.cnn.com/2017/07/19/tech...ace/index.html

I don't know but it really doesn't matter..
I guarantee ALL "connected" reef controllers are susceptible to attacks/hackers like that..

My home security cameras/feeds, other connected home control connected devices, and even my Reeflink are connected via a TOR Hidden Services proxy and authentication cookies. An onion router proxy service should be nigh impossible to get through aside from social engineering.

Really, any decent security company that deals with a customer as sophisticated as a casino should've done some similar at minimum or perhaps something more sophisticated (I'm not a computer security specialist by any means, so I'm not even sure what's possible).

I find it sad that my house is, in one sense, better protected than at least one actual casino.

Yes of course the are ways/devices/firewalls/proxy/vpn,etc... that can be added to have a more secure system as a whole..

My comment was basically about the built in security features/functions of the devices themselves.. slim to none..

Well, yeah.

You'd just hope CASINO security would have you know, enough foresight to spot that. Any competent security service should be aware of all devices on the network, and I say that almost as a self-evident statement (LOL).

hmm.. how are you using TOR on the regular internet? Don't you have to be on the TOR network for it to work correctly? btw.. there are a lot of weaknesses in it anyway.. there have been multiple attacks. your onion router isn't making your browsing safer...

I don't think you've worked for any large companies where someone high up says, we need this installed and working right now, make it work. doesn't need certified at that point, it gets an internet connection. Maybe it's a weather monitor to display to the hotel guests.. maybe it's projector that needs a network connection for a presentation.. maybe it's an aquarium monitor..

-there wouldn't be any data you can gather from a casino machine from this hack that an attendant could tell you.. we have casinos all over the place here.. i can look at any of the machine data I want to... it's mostly just for book keeping/financials.. doesn't tell you anything about if/when a machine will hit. you'll have some machines that pay out more than they take in, others that have tens of thousands taken in and little paid out and still aren't paying out for years. -most casinos around here cycle through those machines that pay out too much.. unplug them and get rid of them... law of averages says eventually they'll start taking in more than they pay.. but.. small casinos can't take a $10,000 hit in one night when the max payout is supposed to be $800.

I have a secret for you. I bet that casino still has vulnerabilities. 100% security is impossible in a modern environment.

I didn't know about it, thanks.

It's almsost an useless information.