Blended Threat Awareness – Cyber Attackers Compromise Security Cameras

Used across multitude of facilities, often unmanaged and connected to the corporate network with little to no security, surveillance cameras provide an avenue for compromise. Compromise that usually leads to serious privacy concerns, but also opens the lens of access to the broader corporate network and for launching future attacks against customers. Attackers claim to have obtained privileged credentials for a high-level administrator at Verkada, an enterprise security camera solutions company. The stolen credentials granted the actors unauthorized access to live feeds of 150,000 security cameras, to include some very critical facilities such as hospitals, jails, law enforcement offices, and schools. The attack was not sophisticated and was enabled by an all-too-often occurrence – administrator credentials publicly exposed on the internet. The attack group seems to tout themselves as vigilantes, telling Bloomberg their intention behind the breach was to demonstrate the extent to which video surveillance exists – but also how easy it is to break into these systems and expose sensitive and private footage. Upon learning of the breach, Verkada reportedly cut off access, but not before the attackers gained visibility into the full video archive of all Verkada customers. Members are encouraged to apply proper cybersecurity controls around surveillance cameras, including (but not limted to) disabling, deleting, or at least renaming (and creating a unique password for) any default high-level administrator accounts. Read more at Bloomberg.