[Security Weekly] Hackers Leak Security Camera Footage From Tesla, Hospitals, Banks, Prisons, and More
2nd Week of March 2021
1. Hacktivists leak surveillance footage from Tesla, hospitals, banks, prisons, and more
Verkada, a California-based provider of cloud-based security cameras and services, suffered an intrusion that led to the exposure of all surveillance footage from over 150,000 security cameras used by its customers. Among the customers were companies like Tesla, Cloudflare, Equinox, as well as a number of hospitals, banks, prisons, schools, and police stations.
Self-claimed as hacktivists, the hackers breached Verkada with the intention of demonstrating how vulnerable security cameras are, and sent the hacked footage to Bloomberg. Among them was footage from more than 200 cameras inside Tesla factories and warehouses, footage from web security firm Cloudflare, footage showing patients being treated at Halifax Health — a hospital in Florida, footage from inside the Bank of Utah, Equinox gyms, a police station in Massachusetts, an elementary school in Connecticut, and a prison in Alabama.
The hacker claimed to have gained access to an admin account in Verkada by using login credentials exposed on the Internet. Experts suspect that the credentials may have been initially exposed from a spear-phishing email attack. This is why it is strongly recommended to secure corporate login credentials by adopting an identity and access management (IAM) solution with multi-factor authentication (MFA) like iSIGN+.
Sources: Bloomberg, Threatpost
2. Spanish employment agency halts service after infected with Ryuk ransomware
State Public Employment Service (SEPE), an autonomous agency in Spain responsible for unemployment benefits of the country, suffered an attack by operators of the Ryuk ransomware, forcing it to shut down a significant proportion of IT and communications systems.
A total of 710 offices of SEPE were temporarily closed, delaying thousands of unemployment benefit applications. This occurred at a time where the country is experiencing a surge in unemployment claims due to the COVID-19 pandemic.
The agency said that while it continues to work on resuming service, its staff has been manually reviewing and processing the applications. The application deadlines have also been extended.
The Spanish trade union stated that SEPE lacked proper security measures capable of defending such attacks, as the agency had been using legacy IT systems with an average age of 30 years.
Sources: Infosecurity, Bleeping Computer
3. Molson Coors discloses service disruptions caused by ransomware attack
Molson Coors, a US-Canadian beverage firm and one of the largest brewing companies in the world, disclosed suffering a ransomware attack which caused the company to shut off large parts of its IT infrastructure. Molson Coors is well known for its brands like Coors Light, Molson Canadian, and Blue Moon.
According to a filing with the US Securities and Exchange Commission (SEC) on March 11, the attack disrupted the company’s brewery operations as well as production and shipments. While informing about expected shipping delays to its customers, the company has hired a third-party cybersecurity provider to help it recover from the incident.
It remains unclear which ransomware gang was responsible for the attack, or whether personal data was leaked in the incident.
Sources: ZDNet, Bleeping Computer
Check out Penta Security’s product lines:
Web Application Firewall: WAPPLES
Database Encryption: D’Amo
Identity and Access Management: ISign+
Car, Energy, Factory, City Solutions: Penta IoT Security