wordpress blog stats
Connect with us

Hi, what are you looking for?

Hackers breach thousands of cameras used by Tesla, schools, jails and prisons: Report

surveillance, cctv

Silicon Valley startup Verkada Inc, a closed-circuit TV and camera management platform, was hacked by a group of hackers, revealing thousands of hours of footage from over 150,000 surveillance cameras, Bloomberg reported. Some of the company’s clients, which includes hospitals, companies, police departments, prisons and schools, were using a facial-recognition tool to track and monitor their employee’s behaviour among other things.

Verkada provided its services to companies like Tesla, Cloudfare, Halifax Health and Madison County Jail in Alabama, all of whose camera feeds were compromised as part of the hack. The hackers claim to have access to the entire video archive belonging to all of Verkada’s clients. They said that the intention of the hack was to see how pervasive video surveillance is and the ease with which these systems could be compromised. The hackers found that Verkada had implemented a facial-recognition technology, which in the case of hospitals is used to identify and categorise people.

AI tools to monitor and analyse behavior

According to a blogpost by Verkada, one of the tools it offers clients’ is called ‘People Analytics’ through which they clients can “search and filter based on many different attributes, including gender traits, clothing color, and even a person’s face”. The report said that some of the cameras with facial-recognition technology inside the jail, in order to track inmates and correctional staff, were hidden inside vents, thermostats and defibrillators.

While Verkada’s clients may have requested for such technology to be integrated as part of their camera services, some clients may be unaware that in addition to their security teams’ employees of Verkada also had access to the same feeds, the report said. According to Vice, the facial-recognition technology appear to be basic functions of the camera and not add-ons. Verkada, itself, says that all of its cameras include “Smart Edge-Based Analytics” and that as a company they have been building artificial intelligence tools which allows for people detection, bounding boxes and heat maps. 

Tillie Kottmann, one of the hackers, who spoke to Bloomberg, said that the hacking group was able to obtain “root” access on the cameras through a “Super Admin” account for which, the user and password was publicly exposed on the internet. They were able to then use this access to pivot and gain access to the broader network of Verkada’s customers. They could hijack cameras and use them as a platform to launch future hacks, Kottman said.

The company has tasked an internal team and an external security firm to investigate the incident, the report said. In a statement to Bloomberg, a Verkada spokesperson said that the company has disabled all internal administrator accounts to prevent any unauthorised access. “Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement,” they said.

Advertisement. Scroll to continue reading.

List of compromised entities

  • Access to 150,000 surveillance cameras
  • Halifax Health, a hospital in Florida
  • Tempe St. Luke’s Hospital in Arizona
  • A police station in Stoughton, Massachusetts
  • 222 cameras in Tesla’s warehouse in Shanghai
  • Sandy Hook Elementary School in Connecticut
  • Women’s health clinics and psychiatric hospitals
  • Wadley Regional Medical Center, a hospital in Texas
  • 17 cameras inside Graham County detention facility in Arizona
  • 330 security cameras inside the Madison County Jail in Alabama
  • Cloudflare offices in San Francisco, Austin, London and New York

The entire list of entities that may have been compromised in the hack include:

  • K-12 schools
  • Private residences marked as “condos”
  • Shopping malls
  • Credit unions
  • Multiple universities across America and Canada
  • Pharmaceutical companies
  • Marketing agencies
  • Pubs, bars and breweries
  • A Salvation Army Center
  • Churches
  • The Professional Golfers Association
  • Museums
  • A newspaper’s office
  • Airports

Also Read

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

By Rahul Rai and Shruti Aji Murali A little less than a year since their release, the Consumer Protection (E-commerce) Rules, 2020 is being amended....

News

By Anand Venkatanarayanan                         There has been enough commentary about the Indian IT...

News

By Rahul Rai and Shruti Aji Murali The Indian antitrust regulator, the Competition Commission of India (CCI) has a little more than a decade...

News

By Stella Joseph, Prakhil Mishra, and Surabhi Prabhudesai The recent difference of opinions between the Government and Twitter brings to fore the increasing scrutiny...

News

This article is being posted here courtesy of The Wire, where it was originally published on June 17.  By Saksham Singh The St Petersburg paradox,...

You May Also Like

News

Privacy campaigners have raised concerns about the accuracy of facial recognition technology even as the government pushes for an Aadhaar-linked vaccine registration process.  In...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ