Spanish
Four people have been arrested in South Korea for hacking home surveillance cameras placed in homes or businesses. Their goal was to obtain recordings with sexual motives to sell them on a global pornographic page.
The four suspects were not acting together, according to the Korean authorities. They were arrested separately. This type of camera called IP ("internet protocol" in English), which are connected to the network so that their owners can view them from other places, are common for monitoring children, the elderly, pets or for security reasons. But the transmission of the content over the internet makes them very vulnerable. They are devices that come with pre-installed factory passwords and that, if not changed, are easily traceable or exploitable by hackers. On the internet there are popular pages that broadcast live tens of thousands of cameras, mostly in public places or focused on exteriors.
One of the detainees, who is unemployed, managed to access 63,000 cameras, created 545 videos of sexual content and earned about 20,000 euros in cryptocurrencies by selling them. Another of the suspects was a clerk who entered 70,000 cameras, created 648 videos and earned about 10,000 euros. These more than a thousand clips are, according to the authorities, 62% of the material published on the global porn page, in which there are recordings from several countries. The Korean police are working with authorities from other countries to try to close it.
The other two detainees hacked fewer cameras and did not market the content, but stored it on their own devices. The authorities have informed 58 victims that they have suffered this hack. South Korean police have also arrested three people who bought this type of material on the internet, which is also a crime.
Despite the magnitude and consequences of this attack, similar cases often occur due to the ease of access for someone with some technical knowledge. Last November, a similar case arose in India: hackers sold about 50,000 clips taken from hospitals, schools, and homes across the country. The authorities explained the simplicity of the technical process thanks to the use of three pieces of software that are used to find cameras in a specific region, the open ports that allow remote communication, and then more sophisticated access to their passwords.
There have been other notable cases that have emerged in recent years, such as the 2021 vulnerability of 150,000 cameras from the company Verkada or a June report this year where more than 40,000 security cameras were found broadcasting openly on the internet. The conclusion of these hacks is that there are probably hundreds of thousands of cameras focusing on the interior of public and private buildings easily accessible remotely. The combination of insecure devices, uninformed users, and the mass adoption of this type of camera creates an ecosystem prone to large-scale abuse. The best solution, according to specialists, is to change the default factory passwords, update the firmware (the internal software that allows a device to function), and limit remote access.
