Cybersecurity News in Asia

Features
- Featured
  
  How to talk to your board and C-suite about cyber-preparedness
  
  Thursday, June 1, 2023, 11:33 AM Asia/Singapore | Features, Newsletter, Tips
- Featured
  
  Ransomware trends APAC organizations should be mindful of
  
  Tuesday, May 30, 2023, 2:02 PM Asia/Singapore | Features, Malware & Ransomware
- Featured
  
  Generative AI – the cybercriminal’s latest tool of terror?
  
  Tuesday, May 23, 2023, 11:20 AM Asia/Singapore | Features
News
- Featured
  
  Automation and AI increase bot attack sophistication, evasiveness
  
  Thursday, June 1, 2023, 2:45 PM Asia/Singapore | Cyberthreat Landscape, News, Newsletter
- Featured
  
  Research sheds light on Cryptor-as-a-Service in the Dark Web
  
  Tuesday, May 30, 2023, 10:33 AM Asia/Singapore | News, Newsletter
- Featured
  
  Take a peek at ransomware victims’ failure points
  
  Tuesday, May 30, 2023, 10:13 AM Asia/Singapore | Malware & Ransomware, News, Newsletter
Opinions
Tips
Whitepapers
Awards 2022
Directory
E-Learning

News

Enterprise security camera firm lost control of its own 150,000 IP cameras

By CybersecAsia editors | Tuesday, April 6, 2021, 10:30 AM Asia/Singapore

Is this the ironic security lesson that will wake the IoT industry and users up from cyber-complacency?

The risks of IoT are slowly surfacing with wider adoption taking place across the globe.

In a massive cyberattack and stroke of irony last month, Verkada, a Silicon Valley startup specializing in security surveillance, lost control of its own network of IP cameras when hackers obtained ‘root’ access on the connected devices. This enabled the criminals to use the IoT devices as a launching point for attacks laterally across the entire enterprise network.

With this super user access to the security cameras, the hackers were able to stream live feeds of every Verkada customer’s camera network. Here is the stinger: Verkada’s large customer base includes large enterprises like Tesla, public jails, hospitals, and schools.

In addition to the 150,000 live video feeds accessed, the hackers were able to download all archived videos—a sizeable bounty. Without a quick fix, many of these organizations had to shut down their network of security cameras to prevent unauthorized access.

Internet of Things or Threats

IoT devices present a huge attack surface and can be easy for cybercriminals to hack into, if certain precautions and settings are not addressed:

Devices with little to no built-in security measures are deployed
Devices that run on simple or legacy operating systems
Weak, easy-to-guess passwords are used to restrict access
The firmware and software are difficult to update

According to Check Point Software Technologies, IoT devices have unique characteristics depending on the type of device functionality, operating systems, and so on. They also often use proprietary protocols that are difficult to understand, making it difficult for IT and network managers to set security policies.

Many of them are also left unmonitored, meaning that although these devices are connected to any given network, it is extremely difficult to control them, view them, and create policies for these devices unless AI-automated solutions are installed to facilitate their visibility.