Hacker group Anonymous controls over 400 Russian cameras

Anonymous and other hacker groups supporting Ukraine took over 400+ Russian cameras. At the same time, the real-time information of the control camera was shared on the behindenemylines.live website, and the working environment and content of many sensitive Russian agencies were broadcast live, which brought serious harm.

As the Russian-Ukrainian conflict escalates, attackers are targeting important IoT devices, especially cameras. On March 1, Anonymous claimed control of the surveillance system, including hundreds of camera devices, on Twitter, along with some clear camera screenshots.

We are #Anonymous

We have taken control of more Russian cameras near the Ukrainian border in support of #Ukraine #OpUkraine #OpRussia pic.twitter.com/rpJzIAk4iI

— AnonymousLT (@Anonymous_LTU) March 1, 2022

"A mistake made twice is a lesson not learnt." – Anonymous

Anonymous hit the Belarusian surveillance system. More than 240 cameras are now sabotaged.#Ukraine #oprussia #Anonymous #UkraineWar #Belarus #UkraineRussiaWar pic.twitter.com/zMyItfrzF4

— AnonymousLT (@Anonymous_LTU) March 1, 2022

At the same time, Anonymous claimed to use weak passwords to log into the camera system and change the password to force the camera administrator to go offline.

#Anonymous | #GhostSec:#Russian IP cameras were put in place to monitor #Ukrainian movements. We made sure to lock the Russians out of their own little spying devices by changing their default passwords and knocking their stuff offline..

🇺🇦🤷‍♂️🇺🇦 pic.twitter.com/olXDYSoRhQ

— Pwnipotent (@Pwnipotent) March 1, 2022

The intrusion of cameras in normal times will affect corporate and personal privacy. During the national confrontation, attackers can monitor high-value clues such as military and material mobilization by controlling cameras. In the process of attacking camera assets, camera devices exposed to the Internet are often the first target of attackers. At the same time, attackers can conduct supply chain attacks on cameras belonging to the same manufacturer, destroy upstream servers. In order to avoid similar supply chain security incidents, countries should sort out and dispose of camera equipment exposed on the Internet in advance.

The loss of a camera asset can trigger a supply chain security incident. At present, cameras have become an indispensable monitoring device for organizations and families. The data of these devices are mostly private data, and the consequences of being invaded or illegally used are unimaginable. Attackers can use camera manufacturers to conduct supply chain attacks on cameras belonging to the same manufacturer. If the manufacturer’s cameras are widely used around the world, supply chain security incidents will occur.

It is recommended that important enterprises in various countries use spatial mapping technology to sort out their camera assets exposed on the Internet, try to avoid exposure to the Internet, and reduce the risk of being attacked. At the same time, the regulatory authorities of various countries conduct periodic sorting, risk assessment, and guidance disposal of assets within their jurisdiction to avoid direct exposure of camera assets to the public network.