Prison surveillance footage streams live on YouTube

In Opinions

Tomas Foltyn, security writer at ESET that incidents like  CCTV feed been tapped or hacked and even putting CCTV’s out of action can be attributed to poor security settings and poor password hygiene. 

Law enforcement in Thailand is looking into an incident that resulted in the streaming of live surveillance footage from a local prison on YouTube, according to a report by The Bangkok Post

The feed, which gave a glimpse into inmates’ daily lives in crowded cells, contained materials from several locations within the facility. The footage was aired on the video-sharing platform for several hours and was leaked by an as-yet unknown attacker on a YouTube account named ‘Big Brother’s Gaze’ after he compromised, the CCTV system of the Lang Suan prison in the southern part of the country.

The cameras were connected to the internet so that authorized individuals, notably prison and other law-enforcement officials, could keep tabs on the situation in the prison from any smart device. The CCTV system was taken offline in the wake of the incident.

The authorities didn’t say what opened the door to the intrusion, but the attacker himself did give more than a hint: “When installing video surveillance change the standard passwords,” reads a message in the ‘About’ section of the said YouTube channel. According to the Associated Press, the account previously contained footage from security cameras at a Thai company’s office, street views of Salt Lake City, an office in Australia and a café in Amsterdam.

Poor password practices, along with vulnerable embedded firmware and the absence of patches, are just some of the main problems that plague all sorts of internet-connected things, including, somewhat ironically, security cameras.

As one might have expected, this was not the first time that an unauthorized party has remotely tapped into a CCTV feed and streamed it online. For example, in early 2018 live footage from surveillance cameras in four British schools was put online. The incidents were also caused by poor password hygiene.

In another highly publicized case involving CCTV systems, two-thirds of public-space cameras in Washington, DC, were put out of action as part of a ransomware operation in January 2017.

Comments

You may also read!

Almost 90% of organizations compromised and attacked in 2019

Proofpoint, recently released its sixth annual global State of the Phish report, which provides an in-depth look at user phishing

Read More...

SecureLink introduces fastest application security platform to the region

Dubai based risk advisory firm, SecureLink announced signing a distribution partnership for GCC and Egypt with ShiftLeft, the fastest and

Read More...

Forcepoint appoints Nico Popp as its Chief Product Officer

Forcepoint today announced the appointment of Nico Popp as the company’s Chief Product Officer (CPO). In this newly-created role,

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu