Last week’s Verkada Inc. security camera breach has caught the attention of many as the newest “hair-raising” violation in the world of enterprise IoT.
Most are aware by now that an international hacker collective called “Advanced Persistent Threat 69420” broke into a massive stockpile of live feeds from Verkada’s web-based network of security cameras. The breach left sensitive and private video surveillance footage from its customers hacked and exposed, allowing the perpetrators to go so far as pivoting into separate corporate networks of some customer accounts.
The unfortunate incident exemplifies the extent of data security and privacy violations that can occur if video surveillance data falls into the wrong hands. Though investigations continue, lessons must be learned from this shocking incident.
The hacker’s were candid enough to divulge how they managed to orchestrate the breach, and it wasn’t out of the ordinary. Verkada’s security cameras were accessed via a publicly exposed super admin password that was readily available on the internet. After obtaining “root” access or—the authorization to execute any command on a device—the hackers weaponized the security cameras by executing their own code into them.
The weaponization and subsequent hijacking of the cameras made it possible to set up the devices as springboards to perpetrate secondary attacks and access the broader corporate networks of Verkada’s customers.
In light of the attack, two key indications jump out at us here at Palo Alto Networks:
We believe having complete visibility of all devices in the organization is the first step towards protecting them.
We believe continuous risk assessment and enforcement of easily manageable trust-based security policies would have raised an alert to easily prevent this from happening.
Last year Palo Alto Networks’ Unit 42 threat intelligence team analyzed 1.2 million IoT devices in thousands of physical locations across enterprise IT and healthcare organizations in the United States.
Our research revealed some astonishing facts about IoT devices in enterprise networks and reasons behind IoT-related cyberattacks.
Our IoT Security allows organizations to gain active control and full visibility into connected devices to natively secure them at scale. It provides risk-based policy recommendations to automate enforcement on the Next-Generation firewall, seamlessly integrating with your organization’s existing security posture.
Coming back to security cameras, we want to leave you with data that showcases how our IoT Security effectively helps discover, monitor and secure these devices. We recently surveyed over 135,000 active cameras from customer installed base, the findings are as follows:
The Verkada breach should serve as nothing short of a wake-up call to the growing problem of IoT-focused cyberattacks in enterprise environments. It should compel organizations to give serious thought to managing IoT’s risks in the interest of protecting their business operations from similar data security and privacy violations.
Connect with us to learn more about how our industry-first IoT Security protects every single device in your network while making single-purpose sensors a thing of the past.