- Author|Asuka
- Source|Welink Media
- Release time|2021-03-10
On March 10, Tesla generated two hot searches on Weibo in one day.
- The first is that the car owner reports that the brake has failed and sits on the roof of the car to defend their rights, which belongs to the category of customer disputes;
- Second, the media broke the news that the surveillance video inside Tesla's Shanghai factory was leaked, causing the production status on the premises to be exposed . The reason was that an international hacker organization invaded the database of Tesla’s partner, the security system startup Verkada, and obtained 150,000 camera video content, including data from 222 cameras in Tesla's factories and warehouses.
The Tesla factory under the Verkada camera, sourced from Bloomberg
Tesla immediately responded that the hacker’s intrusion only involved a Tesla supplier’s production site in Henan. This factory used a small number of Verkada brand cameras for remote quality management. Others, such as the Shanghai Super Factory, are in parallel with this. Not associated, and other camera equipment is connected to the company's intranet instead of the Internet. At present, Tesla has stopped the networking of these cameras and will further improve the security control of all links.
Verkada also stated on the official website that the attackers began to obtain server access, camera access, and customer lists on March 7, 2021, and continued until around noon on March 9. Since then, the company has disabled all internal administrator accounts, the security team is conducting an in-depth investigation and notified the US law enforcement agencies.
When all companies reacted afterwards, Tillie Kottmann, a member of the hacker organization responsible for the incident, said in an interview that the method of hacking the Verkada camera was not complicated. It was just a public discovery on the Internet. The user name and password of the administrator account of the users entered the Verkada network, and even they could get the root permission of the camera, and they could use the camera to execute their own code. It is reported that the companies and institutions exposed in this incident include not only the Tesla factory in Shanghai, but also hospitals, clinics, companies, prisons, schools and other places in many countries, and even the video materials in the office of the manufacturer Verkada itself.
Kotman said the purpose of this move is to show the public how popular video surveillance is and how the system can be easily hacked, and that it has not caused significant business losses to the affected units. However, to expand and lengthen the topic, we should maintain due attention and prudence in IoT security.
- On the one hand, various privacy leaks continue to occur, which firstly caused consumers to gradually increase their concerns about using webcams, and doubt whether smart speaker devices like Amazon Echo will monitor all conversations of "me";
- On the other hand, as in December last year, security researchers from Forescout disclosed 33 security vulnerabilities in four open source TCP/IP libraries, indicating that they affected more than 1 million smart devices and industrial Internet products from more than 150 vendors. , Which proves that there are hidden safety hazards that cannot be ignored at the enterprise level.
The contradiction is: deploying security precautions and making money in Guangpu business, can't have both fish and bear's paws?
In Kotman’s interview statement, there is a very personal emotional statement:
"Security camera companies only pursue benefits and neglect the protection of network security."
In fact, Verkada was established in 2016 and is mainly engaged in the security camera business. The product highlights include the migration of local security cameras to the cloud, support for customers to access and manage through the network; and support for AI vision technology, which can distinguish faces in videos And vehicles and detect and identify them. In January 2020, the company received US$80 million in financing, with a post-investment valuation of US$1.6 billion. Its customer range has also grown to more than 1,000, covering schools, enterprises, retail, hotels, medical insurance and other industries.
As mentioned in an earlier article by the Internet of Things Media, smart web cameras are a huge stock market with five major characteristics: a solid industrial foundation, clear industrial needs, easy products to make, large market space, and good scene extension capabilities. Scenarios involving transportation, security, communities, shopping malls, and civilian use can be dig deeper.
In a data provided by the early IHS Markit video surveillance intelligence service, the global video surveillance market revenue will reach 19.9 billion U.S. dollars in 2019, higher than 18.2 billion U.S. dollars in 2018, with a growth rate of 9%. In addition, the growth rate in 2017 was 9.3%, and the growth rate in 2018 was 8.7%. This is the third consecutive year that the global video surveillance market has experienced substantial growth following the small growth of 3.9% and 1.9% in 2016 and 2015, respectively.
Verkada was also established during a critical window period, and during the period from its inception to the development of good development, Verkada CEO Filip Kaliszan once said that he saw many cameras that were born from the fast-developing consumer market. But a large part of the technology is outdated, including their security concept, just to ensure that no one has unauthorized access to the tapes and monitor entities of the surveillance system.
Although there has never been absolute security in the world, it is a bit regrettable for Verkada, which has long known and understood security issues, to expose such a simple loophole to the outside world in 2021.
The reason for this is not a company's problem, or even the entire industry is not clear about what attitude should be taken to treat security protection beforehand. Before we figure it out, there is nothing wrong with prioritizing business growth.
Moreover, there is actually no one-time-and-for-all way to achieve network security. Responding to hazardous incidents in a timely manner, continuing to investigate and kill vulnerabilities and update patches and firmware, it is necessary to invest the necessary funds and manpower for network security. This is true for Verkada, and so is Haikang Dahua.
Every cyber security incident should be a learning experience
- In 2016, the “Big Eastern United States Internet Disconnection” incident used hundreds of thousands of networked devices infected by botnets, such as routers and cameras, to continuously scan for vulnerabilities and manipulate broilers to send reasonable service requests to the target. This occupies too many service resources, congested the server and cannot provide normal services to the outside world.
- In 2018, TSMC’s virus infection caused major high-end production facilities to stop production and production lines. In fact, TSMC made three mistakes: 1) The new equipment entering the production line was infected with a virus and was not detected; 2) Responsible for key production The computer of the facility is equipped with an old Windows 7 system, and it has not been patched; 3) The 445 port of the device is not closed, so that the virus can easily invade.
- After the Düsseldorf Hospital in Germany suffered a ransomware attack in 2019, the German cyber security agency BSI issued a warning to the outside world-asking German companies and institutions to update the CVE-2019-19871 vulnerability (known entry point of ransomware) Its Citrix network gateway.
- After Foxconn's factory in Mexico encountered a ransomware attack in 2020, it prompted its internal information security team to step up to complete the software and operating system security updates, while increasing the level of information security protection.
From the tracking situation along the way, network security incidents are happening all the time, and even some manufacturers can use passive protection to reduce losses to a minimum. But once there is a situation that affects the company's revenue like TSMC, it is beyond regret.
There is a saying that has been said many times. Nowadays, the targets of hackers or viruses have spread from personal PCs, traditional enterprises, governments, and school websites with weak protection capabilities, to factories, industrial equipment, smart cameras, etc. in the Internet of Everything era. Routers and many other types.
Perhaps now, we can’t just rely on slogans to make the entire industry have a sufficient understanding of safety, but looking back on the incidents that have occurred in the past few years, we can always learn lessons and gradually improve our security capabilities and awareness.
It is expected to be promoted from policy standards
- In January 2019, the Ministry of Internal Affairs and Communications of Japan amended the "Electrical Communications Business Law", requiring that from April 2020, networked terminal equipment must have anti-illegal login functions, such as cutting off external control, requiring changes to the initial default ID and password, Software can be updated from time to time, and only equipment that meets the standards and is certified can be marketed in Japan.
- In January 2020, the National Cyber Security Center of the United Kingdom specified measures that require manufacturers of consumer IoT to use unique passwords instead of default factory settings; provide a public access point to report vulnerabilities; and explain that the device is secured The minimum duration of the update.
- In September 2020, the Australian government issued the "Code of Practice: Protecting the Internet of Things for Consumers". Based on 13 principles, manufacturers are encouraged to improve the security of Internet of Things devices and consumers are encouraged to consider security features when purchasing smart devices. .
- In September of the same year, the U.S. House of Representatives passed the "Internet of Things Network Security Improvement Act of 2020", requiring all Internet-connected devices purchased by the federal government (including computers, mobile devices and other Internet-connected products) to comply with US national standards and The minimum security standards issued by the Institute of Technology (NIST).
- In November 2020, the European Union Cyber Security Agency (ENISA) issued the "Internet of Things Security Guidelines", which aims to help IoT manufacturers, developers, integrators and all stakeholders in the IoT supply chain construct, deploy or evaluate Make better security decisions when using IoT technology.
All signs indicate that, on a global scale, from government procurement, consumer purchases to manufacturers themselves, they are all in a stage of growing awareness of IoT security.
In fact, there are reasons to believe that the relevant authorities will continue to promote and improve security standards in the future, and the IoT security industry will eventually have a brighter future.
