Hackers Broke Into 150 Thousand Cameras Worldwide
Hacking the California-based security startup Verkada allowed hacktivists to gain root access to 150,000 video cameras installed in banks, medical institutions, and prisons. The incident also affected the company’s high-profile customers – Tesla, Cloudflare, and Equinox fitness services provider.
Don’t miss the latest news on cybersecurity topics.
What is happening?
The Hackers, referring to themselves as “Advanced Persistent Threat 69420,” reported a successful penetration into the network of the American manufacturer of tracking systems. The event opened public access to more than 100,000 thousand cameras for surveillance worldwide. These devices included prisons, shops, warehouses, etc.
During the time when violators had almost unlimited access to the cameras around the world, they managed to look into monitors with sensitive data in hospitals and offices, found cameras hidden in ventilation and medical equipment in prisons, and learned that all CloudFlare offices have cameras with facial recognition.
The most famous and dangerous hackers have been listed here.
The images from assembly shops of Tesla did not bring any special revelations – people work, and nothing illegal or strange happens there.
But in one of the American prisons, they found on the warden’s computer a whole collection of videos cut from the recordings of surveillance cameras.
According to Tillie Kottman, who represented the group in a conversation with Bloomberg, there was nothing complicated in the hacking process – they “found the username and password for the administrator’s account on the internet.” They do not specify exactly how such data got into the network, but by the time the material was published, the Verkada security service had already blocked all the administrator accounts, after which the violators lost access to the data.
Do you want to know how hackers create their attacks? Watch some movies based on the real events.
The goal of the attack
However, the hackers believe that they have achieved their goal – to draw public attention to how many security cameras are around and how little attention is paid to such systems’ security. According to one of the members of the group that hacked Verkada, such companies pursue only one goal – profit.
How many cybercrimes happen during the year? Read the updated statistics.
Comments on the action
Security expert Eva Halperin noted that “if you buy such cameras and place them near potentially sensitive information, be prepared for the fact that in addition to you, an administrator unfamiliar to you from the manufacturer will have access to them.”
Commenting on the incident, a representative of Cloudflare noted that the Verkada equipment was actually used. IP cameras were installed in several offices. However, all of them were officially closed a few months ago. After the incident, all the cameras were disconnected from the networks, so only a small part of the data was leaked to the network.
No comments from Tesla, Equinox and other affected companies have yet been received.
Use this private and secure tool to forget about online threats.