
Hackers hit D.C. police closed-circuit camera network, city officials disclose - eplanit
https://www.washingtonpost.com/local/public-safety/hackers-hit-dc-police-closed-circuit-camera-network-city-officials-disclose/2017/01/27/d285a4a4-e4f5-11e6-ba11-63c4b4fb5a63_story.html
======
a3n
> City officials said ransomware left police cameras unable to record between
> Jan. 12 and Jan. 15. The cyberattack affected 123 of 187 network video
> recorders in a closed-circuit TV system for public spaces across the city,
> the officials said late Friday.

> Sercet Service spokesman Brian Ebert said the safety of the public or
> protectees was never jeopardized.

Which implies that we're perfectly safe without these systems.

~~~
vvggff
In the short term...

~~~
AckSyn
always. Someone watching cameras of people driving isn't going to do anything
to "make us safer". It was never about public safety.

~~~
a3n
But it may be about keeping those in power safe from the public.

~~~
poizan42
And here we thought that "public safety" was about keeping the public safe,
while actually they were talking about keeping themselves safe from the
public.

~~~
jeron
In Washington DC, public safety is more focused on the safety of most
importantly the president, followed by elected officials like congressmen.

------
privong
> On Jan. 12 D.C. police noticed four camera sites were not functioning
> properly and told OCTO. The technology office found two forms of ransomware
> in the four recording devices and launched a citywide sweep of the network
> where they found more infected sites, said Vemulapalli.

This is interesting, because it suggests (to me) that the systems were note
specifically targeted because they were part of the CCTV system but were
instead caught up in a broader wholesale ransomware attack on whatever system
the attackers could get their hands on?

I'm not sure if an un-targeted attack is more or less concerning than a
targeted attack. One could of course make a "they should take more care with
purportedly critical systems" statement. But the un-targeted scenario implies
that a targeted attack on the system could be much more devastating.

~~~
hbk1966
If it was targeted and they wanted to disrupt it during the inauguration. I'd
think they would've had it lay dormant right up until the inauguration.

------
hackuser
If cities want to protect their citizens from authoritarian oppression of
their residents, they should start dismantling the mass surveillance systems.

Who knows what the next Executive Order will suddenly implement.

~~~
ci5er
> If cities want to protect their citizens from authoritarian oppression of
> their residents

Why would they want that? They worked hard to reach their current positions,
and may have grander ambitions still...

------
JumpCrisscross
Is it safe to assume all these networks have been pwned by, at a minimum, the
Russians, Chinese and Israelis as well as, in all likelihood, a not-
insignificant number of tech-savvy criminal syndicates.

~~~
privong
It sounds pretty plausible. But, I'm not sure what benefit that gives them?
The article says the cameras are trained on public spaces. So in principle
they (China, Russia, etc.) could get the same information by having an agent
just hang out there (yeah, I know, the same can be said for the DC Police). So
pwning the CCTV cameras probably doesn't give them access to any sensitive or
novel information.

~~~
throwawayish
If you have access you can probably disrupt or modify things when the need
arises (making this kind of system even more pointless for their declared
purpose than they already are).

------
akeck
An under appreciated assumption about building out comprehensive surveillance
is that one will never lose control of it.

~~~
nfbush
And that a businessman with vested interests could take over it

------
yaur
> An investigation into the source of the hack continues, said Vemulapalli,
> who said the intrusion was confined to the police CCTV cameras that monitor
> public areas and did not extend deeper into D.C. computer networks.

I'm skeptical of this. These types of cameras typically have a cell/LTE
internet connection that should be dropping all inbound requests and connect
to some sort of a back end via VPN. Its possible that they weren't set up to
drop inbound connections from the internet, but it seems much more likely that
they were hacked from deeper in the network.

~~~
solatic
> should be dropping all inbound requests

But then they never would've been able to detect the ransomware! How can we
make sure our systems are secure if we can't audit them, and how can we audit
our systems if we can't SSH in, and how can we meaningfully SSH in if we can
only do it from the office and not from employee computers at home? /sarcasm

~~~
yaur
Techs can VPN in from home if nessecary.

------
syphilis2
You can read more about the CCTV cameras on the MPDC website. It does a decent
job explaining why the cameras are useful, which was informative for me and I
believe would be informative for other commenters as well.

[https://mpdc.dc.gov/page/mpdcs-closed-circuit-television-
cct...](https://mpdc.dc.gov/page/mpdcs-closed-circuit-television-cctv-system#)

------
exabrial
Anyone else watch Person of Interest and think exactly what I'm thinking?

