Hackers gain access to 150,000 surveillance cameras

Two other attacks have rocked Europe and America. A social authority in Spain is also affected.

The attack targeted countless cameras around the world.

NAfter the hacker attacks on Microsoft’s Exchange Server email architecture became known, two further attacks rocked Europe and America on Wednesday. While the state employment agency was paralyzed in Spain, hackers in California looted access to 150,000 surveillance cameras around the world.

The attackers there could virtually see in a live stream what the cameras from the manufacturer Verkada captured. “Have you ever wondered what a Tesla warehouse looks like?” Asked the anonymous hacker collective APT-69420 via Twitter – and added a photo of the hacked company.

It also took screenshots of prison cells, security companies, and clinics. Twitter blocked the account of an alleged member of the group with reference to the fact that it was prohibited on the platform to distribute material captured by hacking.

Verkada is a barely five year old start-up based near San Francisco. It specializes in video surveillance systems and has equipped some of its cameras with special systems for object and face recognition. That probably made it the target of the apparently politically motivated hackers. “What if we ended capitalist surveillance in two days?” They wrote on Twitter.

A lot in China

According to their statements, the basis of the attack was the password for an administrator access that they found publicly on the Internet. Verkada has closed all internal administrator accounts to prevent access to them. Criminal law steps have been initiated. The hackers said they also had access to the video archives of each camera.

According to the analysis company Comparitech, there are currently almost a billion cameras installed around the world for video surveillance of public streets and squares, but also private properties. Around half of them are in China, with more than 1.1 million cameras installed in Beijing alone. London has just under 630,000, Moscow 200,000, while Berlin only has less than 20,000.

Proponents of video surveillance welcome the associated opportunities to investigate criminal offenses, while critics fear a surveillance state due to the widespread use. They also fear the misuse of the digital data collected by the cameras – as has now happened.

In Spain, however, hackers met with the Employment Office (SEPE), the authority responsible for unemployment and social security benefits. On Wednesday it was unclear whether there was a connection to the hacking attack on Microsoft’s Exchange system. According to press reports, a malicious program was used that encrypted the systems, possibly from the “Ryuk” family already known to experts. Cyber ​​criminals use this to blackmail and demand a ransom to re-enable the systems.

The SEPE director Gerardo Gutierrez said in several interviews that the administration and payment of social benefits as well as unemployment and short-time work benefits were not affected. In addition, no personal data was leaked. According to various sources, all computers in workplaces in more than 700 offices across the country have been affected by the malware – including laptops for employees who are currently working at home. A total of 8,000 people work for SEPE.

25,000 more vulnerable

The Exchange vulnerabilities continued to be exploited on Wednesday. The President of the German Federal Office for Information Security (BSI), Arne Schönbohm, said that up to 60,000 systems had been affected in Germany at the time the security gaps became known. “As far as the BSI is aware, around 25,000 of these are still vulnerable today. However, every vulnerable system is too much and can lead to damage. ”Since the weekend, around 100 affected companies, small and large, have reported to the authorities. In addition, two of the eight federal authorities suspected of being affected are actually affected.

There were also initial reports of successful attacks from Switzerland. In America, the cybersecurity agency Cisa announced that hackers exploited the vulnerabilities “extensively and indiscriminately”. Tens of thousands of organizations have been affected in the United States, and security specialist Fireeye identified retailers and city councils as victims.