Security Cameras at Tesla, Cloudflare, and More Hacked


March 10, 2021

It’s easy to forget sometimes that the IoT encompasses more than just end-points and network devices. To help drive home that fact, Bleeping Computer has posted a story regarding hacked IoT security cameras. 

Cameras at major companies like Tesla, and Cloudflare have been hacked, according to the story. They’re not the only ones. Healthcare facilities, jails, banks, and more have been compromised as well.

The hack, part of something called #OperationPanopticon, exposed a vulnerability in Verkada, a surveillance company who works with the impacted businesses, software.

The hack was perpetrated by a group calling themselves “APT-69420 Arson Cats.” It’s unclear what their motivation was beyond exposing the weakness in Verkada’s software.

According to a spokesman for the group APT-69420 Arson Cats were able to compromise Verkada’s software after discovering the Silicone Valley-Based security provider had hardcoded super-admin credentials in their DevOps infrastructure.

Oy Vey.


A screen grab from inside Tesla HQ (Source) APT-69420 Arson Cats

Cloudflare has issued a statement, saying none of their customers were impacted by the breach. Verkada has disabled the hardcoded super-admin credentials that were the root of the issue, and Elon Musk was unavailable for comment as he’s believed to be on his way to Mars in a Tesla Roadster sports car (well…maybe not).

There doesn’t look to be anything Verkada customers can do otherwise. If you’re not a Verkada customer the incident should still make you think about how you handle your IoT devices.

This isn’t the first time something like this has happened. It wasn’t long ago that Ring (a subsidiary of Amazon) was dealing with an issue revolving their security products being compromised. Now, that’s not exactly the same issue, but close enough.

The moral of the story is this: there is a good possibility that at some point in its lifetime, an IoT device you own will be compromised. There’s no way around it. It is up to you, dear reader, to decide how you want to protect yourself.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Carl Keyser is the Content Manager at Integris.

Keep reading

What to Know Before Installing Copilot for Microsoft Word

What to Know Before Installing Copilot for Microsoft Word

Imagine having an AI assistant that pulls from your notes, marries them to an existing document format, and writes a document for you. That's the power of Copilot for Microsoft Word, which is planned for rollout in 2024 for those who buy the Copilot M365 license....

Bridging the Gap between Automation and Innovation

Bridging the Gap between Automation and Innovation

Automation and Innovation. Some people might say those two words cancel each other out. Yet, I believe these two concepts can create capacity for each other—if your business leverages the free time automation creates to foster innovation. Automation can be...