Slashdot Mirror

← Back to Stories (view on slashdot.org)

Thieves Hacking Security Cameras?

Posted by samzenpus on from the steal-from-home dept.

The FBI is investigating fifteen store robberies in eleven states, committed via phone and internet. The perpetrators hack the store's security system so they can observe their victims. They then make customers take their clothes off and get the store to wire money. From the article, "A telephone caller making a bomb threat to a Hutchinson, Kan., grocery store kept more than 100 people hostage, demanding they disrobe and that the store wire money to his bank account. ... officials were investigating whether the caller was out of state and may have hacked into the store's security system. "If they can access the Internet, they can get to anything," Hutchinson Police Chief Dick Heitschmidt said. "Anyone in the whole world could have access, if that's what really happened.""

11 of 181 comments (clear)

  1. Duh by nlitement · · Score: 1, Informative

    It's called "Google hacking", you do it by searching with secret undergound hacker keywords and finding open remote camera viewer applets. Some applets even let you control the camera.

    1. Re:Duh by Lumpy · · Score: 4, Informative

      Mostly it's incompetent IT and store managers that have installed panasonic IP cameras and left them not only wide open but on the internet because the store managers are retarted and want to spend their life watching the employees.

      ALL of this stuff goes right back to raging incompetence. It's incredible how little these stores pay for IT, I had to teach the IT specialists for Walmart how to do basic networking when we were helping a client set up their network for their restaurant inside a new walmart store. The Walmart head of networking, or so he claimed to be, told me it was impossible to tunnel IP traffic safely through a network, no. he did not understand what a VPN was and then told me that VPN is not allowed as it's insecure and unencrypted!.... and then I had to hold their hands and show them how easy is really is to patch a phone line to a cat 5 jack in the phone room. Their network engineer told me flat out that DSL will not work over cat-5e cable. "The phone company uses Cat6 to your house!" is what he said. I was amazed at how undereducated these IT and networking people were.

      With that kind of incompetence due to very low pay, it does not surprise me that security cameras are put on the net directly.

      --
      Do not look at laser with remaining good eye.
  2. Re:"wire money to his bank account"? by morgan_greywolf · · Score: 5, Informative

    That depends on what country the bank account is in. In some countries, bank accounts can't necessarily be tracked back to the owner, they are secured only by a really, really fscking long account number.

    --
    My blog
  3. Why CCTV is on the internet by G4from128k · · Score: 5, Informative

    It's a valid question. Companies put security cameras on the internet to enable remote recording and control. It lets the central office or outsourced security firm handle all the digital video and dispatch police/fire services from a cost-efficient central location. If you owned 100 convenience stores in 10 states, where would you put the security office and how would you link them?

    Rather than build a dedicated hardwired telecom network, companies are using the internet to connect everything together (security systems, financial systems, medical records, industrial control, etc.) As we can see from this example, they think they've created their own virtual network (of some degree of privacy), but in practice, the system is extremely vulnerable. I'd bet that more than a few internet-connected security cameras run with factory-default passwords.

    --
    Two wrongs don't make a right, but three lefts do.
  4. Re:Dumber than dumb by endianx · · Score: 5, Informative

    And easily found if you know what to look for.

  5. Re:CCTV by ptbarnett · · Score: 3, Informative
    Why are the security cameras on anything other than a closed circuit? It makes no sense for their cameras to be connected to the internet.

    Read further in TFA:

    Initially, the caller led employees to believe he was observing them.

    "After a while, it sounded like he was just taking a shot in the dark at what they might be doing, or what they looked like or how they were reacting to his call," Prescott police Lt. Ken Morley said.

  6. In other news... by dark-br · · Score: 3, Informative

    People are stupid. Google for: inurl:"ViewerFrame?Mode="

    And have fun...

  7. Re:Dumber than dumb by adona1 · · Score: 2, Informative

    "No, it's not loaded! Here, I'll prove it to you!"


    If only we could get Police Chief Dick Heitschmidt to say that as well ;)
    --
    Between the falling angel and the rising ape
  8. Re:CCTV by ralphclintellis · · Score: 2, Informative

    According to current reports, the claim that the cameras were compromised was withdrawn.

  9. Re:CCTV by Fox_1 · · Score: 3, Informative

    Mod Parent up - this was actually withdrawn yesterday - the cops spread at little FUD with their Internet Hackers working the Security Camera Comments - but now they have backed off on this statement, particularly since the Hutchinson Incident was caused by locals who have been taken into custody.
    see here
    Oh and no bombs have ever been found, there are a lot of embarrassed people out there who have really overreacted to these 'menacing & scary' phone calls.

    --
    The rock, the vulture, and the chain
  10. Re:Dumber than dumb by hax0r_this · · Score: 2, Informative

    The governor just commuted his sentence to life:
    http://www.chron.com/disp/story.mpl/ap/tx/5095674. html