This week’s trending topic in the cybersecurity community is the successful intrusion of the collective hacktivist APT69420 or Arson Cats that proves no one is secured. Though it is a small group of hackers, they could penetrate Verkada Security Company, a known recipient of Silicon Valley funding for its technology advancement when it comes to a surveillance camera.
Verkada is a well-known company for outsourcing security camera services to companies around the globe. Their last year market value was at USD1.6 billion with a USD139 million additional funding. The company offers a sophisticated approach by providing a surveillance camera connected to the internet that can be managed easily through their developed console that can perform a search query for people and other objects and come with optional facial recognition technology. Compared to the old surveillance camera system, data storage and feeds accessibility have been addressed with their offered technology. Besides that, feeds are uploaded in the cloud network on customers’ accounts, wherein they can manage, view anywhere and anytime through the in-house app on a highly secured level. Verkada company has faced controversy in the past, being accused of using the services maliciously by their employees to gather illicit videos and photos shared publicly, which they have dealt with professionally.
In line with the recent attack, one member of the Arson Cats has posted on Twitter the anti-capitalism subject concerning the service that the company provided about security cameras to claim responsibility for the reported intrusion. Their successful attack was said to be originated from a leaked source on the internet about a specific credential wherein the group was able to exploit and have given them elevated privilege access onto the Verkada system. Based on the initial report, they could tap onto 150,000 surveillance cameras installed on Verkada’s client’s premises, such as schools, hospitals, jails, police offices, gyms, and the well-known Tesla car production facility in China and display room in California. A list of customers with their current and archive feeds, including Verkada’s offices, was also posted as evidence to prove their successful attack. The tweet was removed, and the perpetrator’s account has been suspended immediately as Twitter decided that it is a violation of their community rules.
Verkada did not deny the attack and confirmed that they could immediately mitigate plans after discovering the attack.
They were able to immediately cut off their internal and external administrator accounts connection to avoid further damage. This was confirmed before the report has been released to the public. The perpetrator said they have already lost connection to the Verkada system, as they told Bloomberg in an interview. Currently, the extent of the damage is being investigated. The intrusion report has already been submitted to the law enforcement authorities following the protocol for company hacks/breaches. Reporters are trying to reach the perpetrators to clarify their motives, and famous clients of Verkada still have no comments about the attack. However, an initial assessment confirmed by Verkada that no customer information nor services have been compromised due to the attack. Their clients are continuously receiving an update about the issue from them. They will soon release an official statement to the public after the investigation has been completed.