Avanti Breach – Does This Signify IoT Attacks Have Become Mainstream?


Self-service kiosk maker Avanti recently experienced a major data breach, forcing the company to shut down a large percentage of the vending machines across its network. Apparently, cybercriminals used a type of point-of-sale malware known as Poseidon to attack the kiosks, successfully compromising up to 1.6 million records.


Avanti, which provides vending machines for corporate lunch areas and break rooms, lets users pay with cash or payment cards at its kiosks. The malware was able to compromise the company’s internal networks, push itself out to individual vending machines, and capture payment information, including the cardholder’s first and last name, credit/debit card number and expiration date. At this point, we don’t know what, if any, additional damage the malware may have caused.

Weak Security

The attack is yet another example of the security weaknesses found in many IoT (Internet of Things) devices. Perhaps more important, the incident demonstrates that cybercriminals have once again upped their game, or at least altered it by attacking more IoT devices like the Avanti lunchroom kiosks. In general, IoT devices have less security than corporate information systems, so hackers are targeting them more often and more successfully.

The Avanti incident comes on the heels of several other major IoT-based attacks like Mirai and the Leet Botnet. However, unlike these DDoS (Distributed Denial of Service) attacks that didn’t actually steal any data, the Avanti data breach successfully captured sensitive payment card information. Since cybercriminals are able to monetize the stolen Avanti data, there is little doubt that the success of this breach will fuel additional attacks of this nature.

Surge in IoT Attacks

IoT devices offer cybercriminals an extra enticement: when they are connected to the corporate network, these easy targets give criminals a foothold in the organization’s information systems. So it should come as no surprise that we are seeing a surge in IoT-related security incidents.

The recent uptick in IoT attacks serves as a warning that organizations can no longer ignore IoT-related risks. Does the Avanti breach signify that IoT-related attacks have become mainstream? It would seem so.

One thing is clear: organizations can no longer ignore the security risks associated with IoT devices. And it’s not just Avanti devices we need to worry about, nor is it the sole responsibility of IoT manufacturers to secure their systems and devices. It’s time for all enterprises to get serious about securing our networks from all types of potential attacks that target IoT devices.

Brian Laing

For more than 20 years, Brian Laing has shared his strategic business vision and technical leadership with a range of start-ups and established companies in various executive-level roles. The author of “APT for Dummies,” he was previously vice president of AhnLab, where he directed the US operations of the internationally known security and software leader. Brian previously founded Hive Media, where he served as CEO. He co-founded RedSeal Systems, where he conceived the overall design and features of the product and was granted two patents related to network security. He was also founder and CEO of self-funded Blade Software, which released the industry’s first commercial IPS/FW testing tool.