Ukraine: Russia hacked webcams to facilitate missile and drone movements in Kyiv

Firefighters paint at the site of a residential building that was badly destroyed during a Russian missile strike in Kyiv, Ukraine, on Jan. 2, 2024. (Photo by Maxym Marusenko/NurPhoto via Getty Images)

Ukraine has accused Russia of hacking webcams to spy on targets in Kyiv ahead of a fatal airstrike this week, an example of how cyberattacks on internet-connected devices have become part of modern warfare.

In a statement, Ukraine’s security service, the SBU, said it had disabled two civilian surveillance cameras compromised by Russian operatives to spy on air defense systems and “critical infrastructure” ahead of major missile and drone attacks on Jan. 2.

The strikes mainly targeted Kyiv and Kharkiv, Ukraine’s second-largest city, and are believed to have killed at least five other people and wounded 129 more. Electricity and the grid were also cut off.

The SBU said Russia was able to remotely monitor Kyiv’s hijacked webcams, offering it valuable intelligence that allowed it to refine or “adjust” its movements in the capital.

The Russians allegedly changed the angle of view of one of the cameras, on the balcony of a building, and livestreamed the broadcast on YouTube.

The hack of the other camera, in a residential complex, gave the attackers a live view of the surrounding area, “including critical infrastructure,” the SBU said.

The security service said that since the Russian invasion of Ukraine in February 2022, it had blocked about 10,000 IP cameras that the attackers could have used simply to “tune up” missile strikes against Ukrainian targets.

For the past 15 years, warring countries have focused on vulnerabilities in business systems, operational technologies and Internet of Things (IoT) devices to gain an advantage, said Bud Broomhead, CEO of Viakoo.

One of the earliest examples is the Stuxnet worm, which evolved around 2007 to derail Iran’s burgeoning nuclear program by compromising supervisory control and data acquisition (SCADA) systems.

“In the Ukraine/Russia and Israel/Hamas conflicts, both sides have hacked IP cameras and IoT systems to download intelligence, publicize propaganda, and enable lateral movement of systems,” Broomhead said.

“The reason for this is that many surveillance cameras are not maintained in the same way as computer systems. They are controlled outside of IT and are ‘set and forget’ and therefore lack proper cybersecurity when it comes to firmware patching, password rotations, and certificate management.”

A study conducted by Palo Alto Networks’ Unit 42 in 2021 found that while security cameras account for 5% of commercial IoT devices, they account for 33% of all security issues.

“The world of cybersecurity and traditional warfare is a difficult combination with IoT integration and interdependence in 2024,” said Ken Dunham, director of cyber threats at Qualys’ Threat Research Unit.

“Cameras and other forms of IoT, including audio and visual, provide a wealth of reconnaissance and control not previously available prior to our current generation of integrated ‘smart’ devices, creating new creative command-and-control not supported in former generations of hack and attack.”

Callie Guenther, senior director of cyber risk studies at Critical Start, said the Kyiv incident was a reminder that IoT security is lagging behind the speed of adoption.

“Many IoT devices lack robust security features, such as strong authentication mechanisms, regular security updates, and the ability to monitor and detect suspicious activities,” Guenther said.

“As IoT devices become more ubiquitous and integral to critical operations, their security implications become more significant.”

In its statement on the webcam hacks, the SBU suggested Ukrainians pull the plug on all cameras and report any live feeds they were aware of. The security service reminded citizens that it was illegal to film and publish military activities and that doing so was punishable by up to 12 years in prison.

Simon Hendery is an independent IT representative who specializes in security, compliance, and workflows. With a background in generational journalism and marketing, he is a passionate storyteller who loves researching and sharing the latest developments in the industry.
