It’s easy to forget sometimes that the IoT encompasses more than just end-points and network devices. To help drive home that fact, Bleeping Computer has posted a story regarding hacked IoT security cameras.
Cameras at major companies like Tesla, and Cloudflare have been hacked, according to the story. They’re not the only ones. Healthcare facilities, jails, banks, and more have been compromised as well.
The hack, part of something called #OperationPanopticon, exposed a vulnerability in Verkada, a surveillance company who works with the impacted businesses, software.
The hack was perpetrated by a group calling themselves “APT-69420 Arson Cats.” It’s unclear what their motivation was beyond exposing the weakness in Verkada’s software.
According to a spokesman for the group APT-69420 Arson Cats were able to compromise Verkada’s software after discovering the Silicone Valley-Based security provider had hardcoded super-admin credentials in their DevOps infrastructure.
A screen grab from inside Tesla HQ (Source) APT-69420 Arson Cats
Cloudflare has issued a statement, saying none of their customers were impacted by the breach. Verkada has disabled the hardcoded super-admin credentials that were the root of the issue, and Elon Musk was unavailable for comment as he’s believed to be on his way to Mars in a Tesla Roadster sports car (well…maybe not).
There doesn’t look to be anything Verkada customers can do otherwise. If you’re not a Verkada customer the incident should still make you think about how you handle your IoT devices.
This isn’t the first time something like this has happened. It wasn’t long ago that Ring (a subsidiary of Amazon) was dealing with an issue revolving their security products being compromised. Now, that’s not exactly the same issue, but close enough.
The moral of the story is this: there is a good possibility that at some point in its lifetime, an IoT device you own will be compromised. There’s no way around it. It is up to you, dear reader, to decide how you want to protect yourself.
Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.