Verkada Camera Breach: Hackers post pictures of Tesla, Salesforce and public insititutes

Hackers have breached a massive trove of security-camera data via Silicon Valley startup Verkada Inc, Bloomberg reported on Tuesday. Through this breach, they have gained access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools in the US. Further, hackers successfully accessed feeds from Verkada customers including Tesla, Cloudflare, Equinox; Florida hospital system Halifax Health, Wadley Regional Medical Center in Texas Tempe St. Luke's Hospital in Arizona; Madison County Jail in Alabama; Sandy Hook Elementary School in Connecticut, according to Bloomberg. Additionally, hackers were able to view video from inside women’s health clinics, psychiatric hospitals and the offices of Verkada itself.

One of the images that the hackers have let out, is a jail cell block. Another has a man wearing a fake beard dancing in a bank storage room. The images that the hackers captured, they posted on Twitter with a hashtag - #OperationPanopticon. Further, Verdaka Inc has stated that they have disabled all internal administrator accounts to prevent any unauthorized access. The team is investigating the scale and scope of this issue. They have also notified law enforcement, reports state.

The scope of the attack

The hacker group claimed to have taken credentials from a high-level administrator account at Silicon Valley firm Verkada. Verdaka runs a platform that operates security systems online. Some of the cameras, including in hospitals, use facial-recognition technology to identify and categorize people captured on the footage. The hackers say they also have access to the full video archive of all Verkada customers.

The exact number of hacked cameras per institute, is yet, undisclosed. Tillie Kottmann, who goes by the pronouns they/them claimed partial credit for the breach, He even told Bloomberg that the group aimed to expose how widespread surveillance has become. He also said that these systems are easy to hijack, plus it was fun for them. Additionally, their motive was “lots of curiosity, fighting for Freedom of Information and against Intellectual Property, a huge dose of anti-capitalism, a hint of anarchism”.

Is the breach an eye-opener?

Commenting on the issue, Asaf Hecht, Cyber Research Team Leader, CyberArk said that the potential for breaching common IoT devices, like security cameras, is something everyone has been talking about for years. “Cameras, much like other hardware devices, are often manufactured with built-in or hardcoded passwords. These, the customer, rarely, if ever, changes. While we can’t be sure that’s what happened in this case, recent breaches certainly have ‘scale’ in common; demonstrating attackers’ growing confidence and precision. They have the ability to efficiently extrapolate weaknesses for impact,” he said.

“While Verkada reportedly took the right steps to disable all internal administrator accounts to prevent any unauthorized access, it was likely too late. The attackers had already landed. Based on what’s been reported, this attack follows a well-worn attack path – target privileged accounts with administrative access, escalate privileges to enable lateral movement and obtain access to highly sensitive data and information – effectively completing the intended goal. What we’ll need to especially watch in this case is the potential for far-reaching implications for privacy regulations including HIPAA,” he concluded.

Healthcare at a major risk?

According to Tenable’s Security Response Team (SRT), the healthcare sector in 2021 has seen 237 breaches. The incidents continued into 2021, with 56 breaches already disclosed by the end of February 2021. In fact, the present case also presented a hard case of hitting not only large enterprises but also hospitals. Telehealth or even traditional hospitals have seen a strain of dealing with the pandemic. Thus, telehealth solutions were a prominent risk area over the last year. Even if they are an answer to current medical care needs, beyond the limitations of social distancing norms, modern healthcare solutions provide a large surface area for attacks.