Russia Hacked Residential Cameras in Ukraine to Spy on Air Defense, Critical Infrastructure

Ukraine said Russia hacked two surveillance cameras and used them to spy on air defense systems and critical infrastructure in Kyiv. 

The Security Service of Ukraine (SSU) announced this week that it has taken down two residential surveillance cameras that were hacked by Russia and abused to spy on air defense systems and critical infrastructure in Kyiv. 

One of the cameras was located on a balcony and was used by its owner to monitor the area surrounding an apartment building. Russian threat actors remotely took control of the device and configured it to stream the captured video to YouTube.

The second camera was set up by its owner to monitor the car park of a residential complex. Hackers took control of the camera, which gave them visual information on the surrounding area. 

According to the SSU, the information from these webcams, which exposed air defense systems and critical infrastructure facilities, was leveraged by Russia to aid its January 2 missile attack on Kyiv. 

“In total, since Russia’s full-scale invasion, the SSU has blocked the operation of about 10,000 IP cameras that the enemy could have used to adjust missile attacks on Ukraine,” the SSU said, reminding individuals that they can face legal action if they publish videos or photos of defense force activities or enemy attacks. 

“All conflicts today (and for the past 15 years) have had some element of leveraging vulnerable IoT/OT/ICS devices to gain a cyber advantage during wartime,” said Bud Broomhead, CEO at Viakoo, a California-based provider of automated IoT cyber hygiene. 

“In both the Ukraine/Russia and Israel/Hamas conflicts both sides have been hacking into IP cameras and other IoT systems to gain intelligence, promote propaganda, and enable lateral movement into other systems,” Broomhead added. “The reason is that many surveillance cameras are not maintained the way that IT systems are; they are managed outside of IT and often are ‘set it and forget it’, and therefore lack proper cyber hygiene around firmware patching, password rotations, and certificate management.”

Ken Dunham, cyber threat director of Qualys’ Threat Research Unit, also commented on the story, saying, “Cameras and other forms of IoT, including audio and visual, provide a wealth of reconnaissance and control not previously available prior to our current generation of integrated ‘smart’ devices, creating new creative command and control not supported in former generations of hack and attack.”

“Organizations must prioritize SecOps for all areas of infrastructure, including physical security controls, segmented networks, and those considered air-gapped, as connections and capabilities often exist that complex networks may not realize until exploitation and lateral movement occur,” Dunham added. “Do not make the mistake or assumption of believing your security cameras are secure by being obscure in your segmented network – you must still prioritize and manage security for these devices, customized to the risk specific to your assets and adversaries.”

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
