Take a Virtual, Interactive Tour 

Cyber Security, UAT News, Technology News

  |  
7 Min Read

Surveillance... or Infiltration?

This week, AZ Family News reported “Security cameras at Tempe hospital, Graham County detention center allegedly hacked in huge breach,” detailing a potential security breach at St. Luke’s Hospital in Tempe, AZ. The article cited startup Verkada Inc., which produced the security cameras for St. Luke’s, explaining how hackers are able to target and access these systems.

cameras-1

Aaron Jones, UAT Lead Cyber Instructor and leader in the local cyber community, commented on this story as well as how it is possible for hackers to infiltrate systems such as these.

“The hackers claimed to have accessed data and live feeds from 150,000 cameras used by Verkada clients, including big names like Tesla and software company Cloudflare. St. Luke's Hospital in www.azfamily.com

Ubiquitous surveillance is a double-edged sword, and while cameras have been instrumental in solving crimes and locating missing person, their use can also be a severe blow to privacy. The current "attack" perpetrated by an alleged collective of individuals is another strong indicator that some basic security practices are not being followed.

Of note is mention that administrator access was gained through the use of credentials found on the internet. This is a strong indicator that two-factor authentication was not in place and therefore, someone’s admin account, once breached, was the only piece of protection between the outside world and their most private files.

It also would be indicative that if true that only a single set of credentials were used, that it is possible, that the admin was reusing credentials in multiple places. Another thing we certainly would not want to do.

laptop-1

Companies who have had their data accessed are still victims, even if a third party was the ultimate culprit. We have seen this targeting of third-party providers in many breaches, such as the famous Target breach, and it is a concern that we should always keep in the back of our minds. We can do much to secure our own systems, but what are our partners doing to secure theirs?

We should expect that any piece of infrastructure left online could be of interest to someone with ill intent. Cameras are a very easy target and due to their very nature, will often contain plenty of entertaining or interesting data. I believe this "breach" is an excellent reminder of how important it is to follow basic security practices, such as not reusing credentials, implementing two factor authentication, and working with your vendors to verify that they are following industry standard practices in cyber security.”

 


 

More about Aaron: 

Aaron Jones-1Aaron Jones, the lead Cyber Instructor at the University of Advancing Technology, is a softwaredeveloper who currently creates applications for law enforcement. He is also an AZ POST certified General Instructor as well as a public speaker. He earned a B.Sc., in Computer Information Systems from Park University in 2013 and an M.A., in Intelligence Analysis with a focus in Cyber Security in 2014. He has been the recipient of recognition from the El Paso Police Department, State of Texas, Texas Military Forces, Chandler Police Department, and others. 

 


 

Interested in studying cyber security?

Sponsored by the U.S. National Security Agency and Homeland Security Department, University of Advancing Technology’s ethical hacking degree is highly regarded by industry and government entities. UAT’s Network Security Bachelor of Science degree prepares students to take on the ever-evolving world of information security. Network security students will receive hands-on technical training and learn best of class software and network programming and essential network security analysis.

Find out more at https://www.uat.edu/network-security-degree. And apply at www.uatfastapp.com

CyberCave-1

Comment

GSA Clubs and the Importance of Diversity On Campus

Every Month is Pride Month at UAT This Pride Month, we want to highlight the importance of diversity and safe spaces on a college campus. Last year, the University of Advancing Technology (UAT) ...

Life Saving Skills Learned at C2 Event

Training for Situations, Hoping They Never Happen On Monday, May 16, 2022, UAT student Emilio Cress and Professor Aaron Jones participated in a local escape and evasion course put on by C2Tactical, a ...
Picture of Erin Sullivan Erin Sullivan 7 Min Read

Inspiring Innovation During the Spring SIP Showcase

SIP, SIP, HOORAY! Our Spring 2022 Student Innovation Project (SIP) Showcase was back in person this semester! On Tuesday, April 26, 2022, University of Advancing Technology (UAT) students gathered in ...
Picture of Erin Sullivan Erin Sullivan 7 Min Read