No matter where we go, we’re under constant surveillance. Cameras are set up everywhere, from restaurants and airports to businesses and hospitals. Plus, many of these cameras have facial recognition technology, which means a security breach could expose your comings and goings to the entire world.
Tap or click here for more on facial recognition databases and how they are used. Since high-tech cameras are so valuable, it’s no wonder why hackers see them as enticing targets.
A group of hackers recently invaded a security camera company with setups throughout the country. Hackers accessed live feeds from 150,000 cameras from hospitals, schools and businesses like Tesla and Cloudflare. They exposed people inside women’s health clinics and psychiatric hospitals, invading their privacy — and if that weren’t scary enough, hackers say they can see the full video archive of every customer.
Here’s why you should be concerned
According to security camera company Verkada, over 5,200 organizations use its tech, including the Salvation Army, school districts and cities. The company’s blog boasts of its advanced People Analytics feature, which uses artificial intelligence to give customers high-quality images of everyone on camera.
“From there, users can search and filter based on many different attributes, including gender traits, clothing color, and even a person’s face,” according to a Verkada article.
That’s just one of Verkada’s many advanced features. Aside from facial recognition, customers can also take advantage of heatmaps and vehicle detection programs.
At this point, it’s not clear how many customers use these features. Still, it’s safe to say that these cameras provide ample potential for data tracking.
Speaking of surveillance, if you’re planning to travel in 2021, be prepared to share your face with the world. A recent proposal by U.S. Customs and Border Protection wants to expand facial recognition technology to all American ports. Here’s how that could impact your travel plans — and the future of America.
How did they do it?
Bloomberg first reported this breach. Reporter William Turton said Verkada cameras revealed hospital staffers tackling a man, as well as Tesla workers bustling around an assembly line in Shanghai. “The hackers said they obtained access to 222 cameras in Tesla factories and warehouses,” Turton wrote on Twitter.
He also spoke to hacker Tillie Kottman, who claimed to be part of the hacking collective that broke into Verkada’s network. Formerly known as @nyancrimew, Kottman allegedly sent tweets alluding to the attack. According to Newsweek, they posted this a few days before the hack: “What if we just absolutely ended surveillance capitalism in two days?”
Twitter booted Kottman from the platform for their role in the hack, but their social media posts suggest this privacy breach was for political reasons rather than financial ones. Still, Turton’s findings have grim connotations.
“Hackers watched through the camera of a Verkada employee who had set one of the cameras up inside his home,” he wrote on Twitter. “One of the saved clips from the camera shows the employee completing a puzzle with his family.”
Kottman said the hacking collective broke in by stealing credentials to a “super admin” account. Basically, administrative accounts give users full control of Windows, from installing programs to bolstering security settings. Tap or click here for our full guide on admin accounts.
After logging in, the group could easily access all of the cameras…and leak the contents online. Verkada claims it has disabled all administrator accounts, but we’ll be watching this story closely for updates.
In the meantime, you should keep a close eye on the security cameras in your own home. Sure, they weren’t involved in this particular hack — but they’re still attractive targets for bad guys. Tap or click here for some security camera safety tips to keep hackers out.