wordpress blog stats
Connect with us

Hi, what are you looking for?

Hackers breach thousands of cameras used by Tesla, schools, jails and prisons: Report

surveillance, cctv

Silicon Valley startup Verkada Inc, a closed-circuit TV and camera management platform, was hacked by a group of hackers, revealing thousands of hours of footage from over 150,000 surveillance cameras, Bloomberg reported. Some of the company’s clients, which includes hospitals, companies, police departments, prisons and schools, were using a facial-recognition tool to track and monitor their employee’s behaviour among other things.

Verkada provided its services to companies like Tesla, Cloudfare, Halifax Health and Madison County Jail in Alabama, all of whose camera feeds were compromised as part of the hack. The hackers claim to have access to the entire video archive belonging to all of Verkada’s clients. They said that the intention of the hack was to see how pervasive video surveillance is and the ease with which these systems could be compromised. The hackers found that Verkada had implemented a facial-recognition technology, which in the case of hospitals is used to identify and categorise people.

AI tools to monitor and analyse behavior

According to a blogpost by Verkada, one of the tools it offers clients’ is called ‘People Analytics’ through which they clients can “search and filter based on many different attributes, including gender traits, clothing color, and even a person’s face”. The report said that some of the cameras with facial-recognition technology inside the jail, in order to track inmates and correctional staff, were hidden inside vents, thermostats and defibrillators.

While Verkada’s clients may have requested for such technology to be integrated as part of their camera services, some clients may be unaware that in addition to their security teams’ employees of Verkada also had access to the same feeds, the report said. According to Vice, the facial-recognition technology appear to be basic functions of the camera and not add-ons. Verkada, itself, says that all of its cameras include “Smart Edge-Based Analytics” and that as a company they have been building artificial intelligence tools which allows for people detection, bounding boxes and heat maps. 

Tillie Kottmann, one of the hackers, who spoke to Bloomberg, said that the hacking group was able to obtain “root” access on the cameras through a “Super Admin” account for which, the user and password was publicly exposed on the internet. They were able to then use this access to pivot and gain access to the broader network of Verkada’s customers. They could hijack cameras and use them as a platform to launch future hacks, Kottman said.

Advertisement. Scroll to continue reading.

The company has tasked an internal team and an external security firm to investigate the incident, the report said. In a statement to Bloomberg, a Verkada spokesperson said that the company has disabled all internal administrator accounts to prevent any unauthorised access. “Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement,” they said.

List of compromised entities

  • Access to 150,000 surveillance cameras
  • Halifax Health, a hospital in Florida
  • Tempe St. Luke’s Hospital in Arizona
  • A police station in Stoughton, Massachusetts
  • 222 cameras in Tesla’s warehouse in Shanghai
  • Sandy Hook Elementary School in Connecticut
  • Women’s health clinics and psychiatric hospitals
  • Wadley Regional Medical Center, a hospital in Texas
  • 17 cameras inside Graham County detention facility in Arizona
  • 330 security cameras inside the Madison County Jail in Alabama
  • Cloudflare offices in San Francisco, Austin, London and New York

The entire list of entities that may have been compromised in the hack include:

  • K-12 schools
  • Private residences marked as “condos”
  • Shopping malls
  • Credit unions
  • Multiple universities across America and Canada
  • Pharmaceutical companies
  • Marketing agencies
  • Pubs, bars and breweries
  • A Salvation Army Center
  • Churches
  • The Professional Golfers Association
  • Museums
  • A newspaper’s office
  • Airports

Also Read

Written By

Reports on banking, payments, fintech and crypto-curencies. Additional reporting on media regulations, data protection and other areas.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

Releasing the policy is akin to putting the proverbial 'cart before the horse'.

News

The industry's growth is being weighed down by taxation and legal uncertainty.

News

Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.

News

Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.

News

This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ