A group of ‘hackers’ infiltrated the surveillance systems of various companies and exposed sensitive material on social media, just to show how easy it is to do so.
Grow Your Business, Not Your Inbox
Stay informed and join our daily newsletter now!
March 10, 2021 3 min read
A new cybersecurity scandal has several companies in check, including Elon Musk’s Tesla , Equinox and the Bank of Utah . A group of hackers managed to infiltrate the system of Verkada , a technology company that provides surveillance cameras and video recording . About 150,000 security cameras were exposed to the attack, allowing criminals to obtain images from inside prisons, schools, hospitals and other institutions.
This massive leak has been baptized in social networks as Operation Panopticon (#OperationPanopticon) . A hacker who participated in the attack, identified as Tillie Kottmann , shared some of the material on her Twitter account , which is already suspended.
Hackers had real-time access to footage of a police officer interrogating a handcuffed person, and several people struggling to control a patient in a psychiatric hospital, according to leaked footage shared by Bloomberg .
According the same medium, some of Verkada’s cameras are powered by facial recognition technology . For example, those at the headquarters of Cloudflare , a US website infrastructure and security company.
Image via Twitter / @ nyancremew
A Verkada representative said in a statement that they are already taking action on the matter.
“We have disabled all internal administrator accounts to prevent any unauthorized access. Our internal security team and the external security firm are investigating the scale and scope of this issue, and we have notified the police,” the police reported. business.
The group of ‘hackers’ claims that they have accessed video files up to 4K , some of which include audio. This implies that they have been able to see in real time, for example, interviews with suspects inside police stations. As if that were not enough, the hackers obtained administrator permissions , which would allow them to execute future actions from the Verkada platform.
Why hack Verkada cameras?
According to Kottman, the attack served two purposes. One is to expose how extensive the permanent surveillance is through the security cameras that transmit over the Internet. The other is to demonstrate how easy it is to access these surveillance systems to spy on thousands of restricted sites.
Image via Twitter / @ nyancremew
Speaking to BleepingComputer , Kottman revealed that someone in the group found the username and password of an administrator account . Although it is very sensitive information, the hacker claims that it was exposed on the internet and did not require any sophisticated process to obtain it.
So far it is not known what actions the affected companies and institutions will take, as a massive hack of their surveillance and security systems is not something to be taken lightly.