Hackers attacked an unnamed university's network using its own vending machines, light sensors and 5,000 IoT devices, according to the Verizon 2017 Data Breach Digest (DBD) being released this month. Students of the school have raised numerous complaints about slow or inaccessible network connection and that was when the concern has reached a member of the IT security team, according to the Network World. That member suspected something fishy that was happening after he discovered a sudden big interest in seafood related searches or domains.
The incident commander has observed that the name servers produced high volume alerts and showed an abnormal number of sub-domains which are related to seafood. Because of this, the servers had difficulty trying to keep up and resulted to problems in accessing the internet. This was found to be the reason behind the slow connectivity issues that the students have complained about, and what happened was that the hijacked vending machines and the rest of the 5,000 IoT devices were making the seafood-related requests every 15 minutes up to the point where legitimate lookups were already being dropped.
Laurance Dine leader of Verizon's digital forensics team in Europe explained that the university's administrative network was connected to its IoT device network and what the hacker did was to come in to the network and changed the default credentials on the devices and have them new passwords, SC Media reported.
According to Verizon, the lesson learned is that it is always better to make sure there are separate network zones for IoT systems and keep them distant from other critical networks as much as possible. The passwords should also be changed from default to strong and unique passwords, and maintain constant monitoring of the connectivity to the internet.