Advertisement

Russia Exploits Civilian Cameras for Surveillance on NATO Logistics to Ukraine

A Russian effort to keep an eye on NATO's supply lines to Ukraine has been exposed by Dutch intelligence, and it was done with the help of unassuming internet cameras. By making inroads into IP camera security, hackers have made a point of how civilian technology is being put to military use, and why there is a need for prompt action on cybersecurity.

Advertisement
Advertisement

In what amounts to a live feed of NATO logistics en route to Ukraine, Russia’s security apparatus has been found co-opting standard issue webcams and even doorbells. The Dutch say their investigation turned up activity along roads that run by depots and bases, a case in point for the kind of low-cost, high-yield intel that can be had from repurposing off-the-shelf gear in place of satellites or drones.

There is more at play here than a matter of privacy. A view from a building or a street can tell you when a convoy is moving, where it is going and what it is carrying, which is no small thing for NATO to have to factor in. In some ways, the very feeds put in place for the safety of a business or a home have been made to serve a war effort without the owner’s knowledge.

What Dutch agencies found

The AIVD and MIVD, the Netherlands’ domestic and military security services, put together a picture of a sizeable Russian campaign directed at web-enabled cameras in European NATO countries, the Netherlands and Ukraine among them, that line the paths of military transport.

Kremlin-affiliated operators were able to get inside internet protocol cameras with a view of the flow of goods to Kyiv. When the full extent of it was known, those with cameras in the vicinity were put on notice to put some steel in their defences.

You won’t find any high-tech wizardry in the method. The attackers made do with common apps to find open devices and made their way in because so many of these units are left with the bare minimum of protection. It is all too easy to get in when default logins and old firmware are in play, as most owners don’t seem to appreciate.

Why everyday cameras became soft targets

With the spread of good broadband and cheap hardware out of China, there is an IP camera on every corner. The type of doorbell unit that lets one see the front of the house from a phone is commonplace, yet the security side of things is frequently overlooked, and millions are left open to being accessed from a distance.

That is the rub, according to the Dutch: an over-reliance on stock settings and unpatched software. Find a weak link online and you are in. It is a more economical and less involved way to get better detail from the ground than to go after a drone or satellite.

The Dutch have put out some advice to head off the risk:

– Make sure the software and firmware on every camera is current

– Ditch the default password for something strong and unique

– Go over the configuration and turn off any remote access that isn’t needed

Part of a wider battlefield pattern

What has come to light in the Netherlands is in keeping with a change in how intelligence is gathered in a conflict. A determined party can make a camera on a street or at a shop into a tool for surveillance.

Ukraine has been at it with Russia. Their side has commandeered Russian cameras to follow troops and set up for long-range fire, as was the case with an undersea drone used on a sub in Novorossiysk.

It is not just in Europe. In the Middle East, Israel has pointed to Iran using private cameras to zero in on targets for its strikes. There are also accounts of Israeli and CIA operatives working their way into the video feeds in Tehran to put a location on the late Supreme Leader Ali Khamenei prior to the opening of hostilities with Iran.

What authorities did next

After the cameras were brought to light, the AIVD and MIVD put out an advisory to any organisation with such equipment, with an emphasis on updating and reconfiguring to keep out interlopers.

On another front, the Dutch have made a move against the pro-Russian cyber world. Some 800 servers were taken from two hosts thought to be behind attacks in Europe, a show of force that goes beyond simply putting potential victims on alert.

What it means for users and bases

The distinction between a convenience for the public and an asset for the military is wearing thin. Any group with a presence near a port or depot is now on the radar. Even a homeowner in the area may be sitting on a vantage point they didn’t mean to provide.

Here is what to look for in the coming days:

– A push to secure the networks around key supply routes

– More thorough checks of the way cameras are set up, in both the public and private sectors

– Ongoing efforts to get a hold of these ground-level views

The takeaway for a NATO planner or a regular user is the same: if a camera is not put in order, it can be the one thing an opponent uses to see in.

Advertisement
Advertisement
Advertisement