Verkada Hacked

00Buck

Known around here
Joined
Jan 17, 2016
Messages
219
Reaction score
420
Location
Indiana
(Bloomberg) A group of hackers says they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons, and schools.
 

mat200

IPCT Contributor
Joined
Jan 17, 2017
Messages
13,670
Reaction score
22,774
A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.

Companies whose footage was exposed include carmaker Tesla Inc. and software provider Cloudflare Inc. In addition, hackers were able to view video from inside women’s health clinics, psychiatric hospitals and the offices of Verkada itself. Some of the cameras, including in hospitals, use facial-recognition technology to identify and categorize people captured on the footage. The hackers say they also have access to the full video archive of all Verkada customers.

In a video seen by Bloomberg, a Verkada camera inside Florida hospital Halifax Health showed what appeared to be eight hospital staffers tackling a man and pinning him to a bed. Halifax Health is featured on Verkada’s public-facing website in a case study entitled: “How a Florida Healthcare Provider Easily Updated and Deployed a Scalable HIPAA Compliant Security System.”
..


 

Teken

Known around here
Joined
Aug 11, 2020
Messages
1,521
Reaction score
2,747
Location
Canada
I think its great this happen because the people who bought into this horse shit should be fired. The whole Local First vs Cloud First has been turned upside down by millions of companies and customers who should never be allowed to be in a position of decision making and procurement. :angry:

The very fact this breach involves government agencies and institutions just affirms the people in charge are clueless and have too much money to spend!

The irony in all of this is you won't read of a single person being fired over making this decision . . .

What I can say is whoever is behind the Verkada marketing for this company deserves a raise, bonus, and medal. The shear fact they have been so successful in selling this product & service to the incompetent fools in so many industries is truly impressive to say the least. :thumb: Than again one only needs to look at the millions of fools who buy half assed products from likes of Nest, Reolink, and Wyze, etc. :lmao:
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,448
Reaction score
47,572
Location
USA
Yep, instead of our government forbidding agencies forbidding them from using Chinese brand cameras like Dahua and Hikvision because they could be used to be spied on by the Chinese government, they should have been looking at what the real issue is, and it is this issue that will be same regardless of who makes a camera. You need to get the cameras off the internet period.
 

Teken

Known around here
Joined
Aug 11, 2020
Messages
1,521
Reaction score
2,747
Location
Canada
Verkada had been running tons of adds on youtube bragging how secure and better the cloud storage was. I haven't seen any the past couple of days.:clap:
There's no such thing as secure when speaking about so called Cloud Power. :facepalm: The benefits of using the cloud is having the ability to reduce up front hardware costs, energy costs, reduced management, long term maintenance, off site, redundancy & fail over. Those who also use cloud power to host applications and services also benefit due to the shear computing power these companies offer.

Going this route obviously gives up any Sudden Service with respect to SLA.

As of this writing there hasn't been a single Internet connected appliance or service not impacted by some kind of breach / hack. The very fact these stupid people are in charge of Government, Institutions, and Industry environments just affirms the world is filled with imbecil's! :thumb:

There aren't very many companies that operate a Red & Blue team for ongoing pen tests. Almost all of them call upon a third party services after the fact to conduct a post mortem as to How & Why. The fact you see this same type of problems in every Financial, Government, and Utility should make everyone take note and pause. There was a great article about three different utilities spanning telco, water, to power and the people who they interviewed bragged about how they never been hacked or compromised.

Whelps, upon further investigation the primary reason they have never seen a breach is the fact all of their hardware was from 1800! :wtf: I'm obviously exaggerating as to how old their hardware is but basically their systems were so old there wasn't anything considered Internet Linked. All of the systems operated in a isolated closed loop and thus if you can't talk to the outside world there's zero chance of being hacked / breached! :thumb:

These same people who spouted this so called technical marvel soon ate a large plate of crow . . .

Upon guess what?!?

All of the major systems in their infrastructure was updated to the latest and greatest network solutions! :lmao: Two of the people which I gather were PR employee's no longer work in those industries as the reporter tried to get them back for a follow up. The third person obviously refused any follow up interview and never replied with a response as to what happen to the Bullet Proof system ???

There are just some things in the home / work that should remain off line and isolated from anything else.

Every time I read about people going on about how they securely access X vs Y using VPN, Proxy, Port Forwarding, etc I just laugh. :rofl:
 
Top