Washington DC Surveillance Hackers Arrested

By: Brian Karas, Published on Dec 29, 2017

The US Department of Justice has announced that "Two Romanian Suspects Charged With Hacking of Metropolitan Police Department Surveillance Cameras in Connection with Ransomware Scheme" that occurred in January 2017.

IPVM initially covered the technical details in March 2017 examining Washington DC MPD's Surveillance Equipment.

In this note, we examine the criminal complaint affidavit, new information provided and the role the vendors involved, including Avrio and Genetec, had on this hack.

***** ********** ** ******* has ************* "*** ******** ******** Charged **** ******* ** Metropolitan ****** ********** ************ Cameras ** ********** **** Ransomware ******" **** ******** in ******* ****.

**** ********* ******* *** technical ******* ** ***** 2017 ******************* ** ***'* ************ Equipment.

** **** ****, ** examine *** ******** ********* affidavit, *** *********** ******** and *** **** *** vendors ********, ********* ***** and *******, *** ** this ****.

[***************]

Recorders **** *** ********** *******

** ********* ********* *********, *** ****** ******* claimed *** *** ******** used ****** ********* ** launch ** ***** **** campaign ** ********** **********. The ********** ******* **** launched **** *** *********** machines ** ** ******* by *** ******* ** disguise ***** ****** ******** and **** ** ****** to ** ****** ** authorities.

Hackers *** ********** ** ************ *** *******

***** ** ** ******** that ****** ** *** hackers ************ ********* ************ equipment, ** *******, *** did **** **** *** interest ** *** **** or ******** ***** ** the *********. ** ** likely *** ******* **** unaware *** ******* **** owned *** ******** ** the *** *** **** for **** ************, ** had **** **** ***** of ****, **** ***** have ****** ****** ** use ******** **** ***** be **** ****** ** cause ** ************* ********.

Equipment ****

** ********* ************ ** ***'* ************ Equipment, *** ******* ********** of *** ****** ****:

Integrator *****

*****, *** **********/*** **** built *** ******* **** by *** *** *********** ** ******* ** 2014. *********** *********, ***** ********** ********** as "*** ******'* ******* provider ** **-************ ********* over ******** ********", *** "guaranteed *******":

****** ***********, **************, *** similar **********-******** ********* **** Avrio's ****** ******** ****.

Remote ******* ****** ********* *******

*** (****** ******* ********) was **** ** *** hackers *** ****** ******* of *** ****** *********. Having *** ********* ** the *******, *** *** blocked ** * ******** was ****** *** ******'* primary ********** ** ********* these *******. ** ***** frequented ** *****-*********, *** Secret ******* ***** *** following **** ** *** of *** *******, ******* for "*********" ** ******** with *** *******:

Low **** ******* **** ** ***** *******

********** *** ******* **** caught ** ***** ******** found ** **** ** the ****** *********, *** tracing ***** ******** **** by **** *******. *** Secret ******* *** **** to **** ***** ***** accounts ** ***** ********, via ****** ** ******* from ****** *** ***** companies, ***** ********** *** them ** *** ******* actual ********** *** *********. Based ** *** *********** in *** ****** ******* report, *** ******* **** moderate, *** *** *********, steps ** ******* ***** identities *** ********, *** were ******** ********* ******* basic *******, *** *** the ****** ** *** kind ** **** **** tracking *******.

************, ******* ******** ** logs *** *********** **** on *** *********, *** Secret ******* *** **** to ******** **** ******* of *** *******, *** contacted ***** ******* ** retrieve ********** ******* **** helped ** ******** *** hackers:

Responsibility ** ******* *** ***********

***** **** ********* * fundamental ****** ********:

  • ******* ******* *** *** appliances **** ******* ******** and ******** ** *** Windows **, ******** *** devices ** **** ****. Genetec *** ***** ******* allowing **** ******* ******** and ************* *** **** *** customers ** ****** ********* recommendations *** ***** *******.
  • *** ******* **** **** publicly ********** *** *** not *** * ***, a ******* ********* ** the*********** ******* ****. *** *** ****** video ************ ******, *** certainly *** ** *******, exposing *** ******* ** public ****** *** * major *******. *****'* ***** led ********* ** ******* that **** **** ********** best-in-class *** *******-***** ********* optimized *** **** ******** applications, **** ** **** they ******** ******* **** multiple *************** ******* *** unchanged ******* ******** *** lack ** ****** ************.

Comments (8)

Undisclosed #1

12/29/17 06:24pm

***** ** ** ******** that ****** ** *** hackers ************ ********* ************ equipment, ** *******, *** did **** **** *** interest ** *** **** or ******** ***** ** the *********.

***, **** ********* *******.

Undisclosed Integrator #2

In reply to Undisclosed #1 | 12/29/17 07:48pm

* ***** *** ** *** ********* *********, ** ********, **** than *******. *** **** ***** *** ***** ** *** **** since ***** ****** **** **** *******?

Undisclosed Integrator #3

01/01/18 07:14am

**** **** ******** ** enough ** *** ** boss ** ****** ** me. ****** *** *******.

Avatar

John Day

01/02/18 03:42pm

*'* ******* **** *** customer ****'* ******* *** contractor ** *** * VPN *** **** *** hackers **** *** ** get ** - ****'* almost ** *** **** as ***** ******* *********!

** **** ***** ** we ******** *** *** word "*********"? **** *'* love ** **** ** whether ***** *** ******** in *** ************* ********* any ******** ** ******* security ** ******* **** was ****** *** ********** leaving *** ****** ****.

************* ******* ** ** fault ***** ******** ***** (correctly) **** **** ** an ******** ******** ** the ******** ********.

Undisclosed #1

In reply to John Day | 01/02/18 04:04pm

** *** ***** ** ******* *** **** ** **** ** less ********** **** * ******* ******* **** ****?

Avatar

Scott Napier

In reply to Undisclosed #1 | 01/02/18 04:15pm

* ***** *** **** are ***** ** ** different, *** *** ** probably ******* *** **** frequently ***** ***** ** it ******** **** ** a ************* ** ** assumption ** *******.

Undisclosed Integrator #3

In reply to John Day | 01/02/18 04:17pm

* ***** ***** **** depending ** * ********** to ****** **** ******** networks ** * *** idea **** *** *****. You ****** **** ********* professionals ** ***** ** not **** ******* ********* on ***** ***********, *** also ** **** **** they ******* *** ****** it ***** *** *********** protective ********.

Avatar

John Day

01/02/18 04:56pm

**** *** ** ***** - ** *** *** guy ***** *** *************** then ** *** ******** get ********** ** ***** to **** *** * service **** ******. * hack ***** *** ***** likely **** *** *** guy **** ******* ** the ****** ** ******** - * **** ** a ****** ***** ******* only **** *** ****** to *** ******.

***** ** **** **********? Based ** * ***** Shodan ******, ******* *** certainly **** *********... * rdp **** ***** ** more ***********.

*** ***** **** **** is **** ******** (**** RDP) **** ***'* ********* to *** ********* ** the ****** ****** ** blocked ** *** ********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on Police

Embattled $400 Million China Funded Philippines Surveillance System Proceeds on Jun 13, 2019
An embattled 12,000 camera surveillance system project that will cost ~$400 million will proceed.  The project contract was awarded, had its...
China Jaywalking Facial Recognition Guide on May 27, 2019
News reports touting the PRC's AI prowess often showcase facial recognition cameras being used to automatically catch and fine jaywalkers.  In...
Kidnapping Victim Rescued With Video From Ring Doorbell Camera on May 24, 2019
A kidnapping victim was rescued within 24 hours, with the police crediting video from a Ring Doorbell camera as key to solving the case. A girl was...
Amazon Ring Public Subsidy Program Aims To Dominate Residential Security on May 20, 2019
Amazon dominates market after market. Quitely, but increasingly, they are doing so in residential security, through a combination of significant...
Bank Security Manager Interview on May 15, 2019
Bank security contends with many significant threats - from fraudsters to robbers and more. In this interview, IPVM spoke with bank security...
China PRC Government New National Video Surveillance Standards on May 14, 2019
The People's Republic of China (PRC) government has released a new set of overarching standards for authorities to follow when they install video...
Aegis AI Gun Detection Video Analytics Startup on May 07, 2019
Gun detection analytic startups are increasing as the promise of AI and the threats of active shooters grow.  One company, Aegis AI, is being led...
Verkada Wins $783,000 Memphis Deal on Apr 29, 2019
The US city, most famous in video surveillance for standardizing on Hikvision, has issued an RFQ for 962 Verkada cameras due Wednesday, May 1,...
"Automated Racism": Chinese Tech Companies Profiling Ethnic Minority on Apr 26, 2019
Scrutiny of Chinese facial recognition providers, including Hikvision, has sharply increased following a New York Times report that they developed...
UK Camera Commissioner Calls for Regulating Facial Recognition on Apr 15, 2019
IPVM interviewed Tony Porter, the UK’s surveillance camera commissioner after he recently called for regulations on facial recognition in the...

Most Recent Industry Reports

Responsibility Split Selecting Locks - Statistics on Jul 22, 2019
A heated access debate surrounds who should pick and install the locks. While responsible for selecting the control systems, integrators often...
Vivotek Trend Micro Cyber Security Camera App Tested on Jul 22, 2019
Vivotek and Trend Micro are claiming five million blocked attacks on IP cameras, with their jointly developed app for Vivotek cameras. This new...
Avigilon ACC7 VMS Tested on Jul 22, 2019
Avigilon's Control Center 7 boldly claims it will "transform live video monitoring" with the new Focus of Attention "AI-enabled" interface. We...
History of Video Surveillance on Jul 19, 2019
The video surveillance market has changed significantly since 2000, going from VCRs to emerging into an AI cloud era.  The goal of this history...
Mobile Access Usage Statistics 2019 on Jul 18, 2019
The ability to use mobile phones as access credentials is one of the biggest trends in a market that historically has been slow in adopting new...
New GDPR Guidelines for Video Surveillance Examined on Jul 18, 2019
The highest-level EU data protection authority has issued a new series of provisional video surveillance guidelines. While GDPR has been in...
Wyze AI Analytics Tested - Beats Axis and Hikvision on Jul 17, 2019
$20 camera disruptor Wyze has released free person detection deep learning analytics to all of their users, claiming users will "Only get notified...
Anyvision Aims For 2022 Revenue of $1 Billion on Jul 17, 2019
Only 3 video surveillance manufacturers do a billion dollars or more in annual revenue - Hikvision, Dahua, and Axis. Now, Anyvision plans to join...
HD Analog vs IP Guide on Jul 16, 2019
For years, HD resolution and single cable signal/power were IP camera advantages, with analog cameras limited to much lower resolution and...
How To Troubleshoot Wiegand Reader Problems - Inverted Wiring on Jul 16, 2019
Wiegand is the dominant method of connecting access readers, but problems can arise for installers. In fact, one of the most difficult reader...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact