There is no denying that CCTV systems, both traditional OVR-based and cloud-based systems, serve as the first line of security in nearly all public and private organizations today. As a matter of fact, it’s for this reason that many people fail to see the need of giving these invaluable security devices the security protection that they deserve. CCTV should keep people safe and not the other way round, right? Well, that argument would be misleading because with the increased rate of cybercrimes and terrorism, no organization is truly safe if its data collection and/or storage devices are vulnerable to infiltration. CCTV systems collect and store more data than Google and Bing combined which means that they top the list of criminals’ target devices.
Rumors of some counterfeit CCTV equipment having pre-installed malicious software surfaced about two years ago in the US. In 2017, stakeholders in the global CCTV manufacturing industry started raising concerns that criminals had found ways of accessing a device’s IP address which they would then use to access an organization’s security feeds from a remote location. This conversation has since picked momentum as cases of visual surveillance data theft increased exponentially towards the end of 2017 and into 2018.
Vulnerability of CCTV Systems in Public Schools
Among the organizations that seem to have neglected their surveillance cameras most are our public schools. At least four British schools and several others from Canada recently fell victim of this negligence, with footages from their CCTV cameras doing rounds on the internet late last year and early this year Government investigators working on these cases have since revealed that most public schools are either using outdated surveillance systems, easy-to-bypass passwords, or systems without any firewall protection. This is a serious security breach which could cause unimaginable damages, particularly because all the affected schools had at least a thousand pupils by the time their security feeds were stolen. But how exactly did this happen?
CCTV Hacks in UK-Based Schools
In January 2018, an American-registered website hacked CCTV systems in some UK-based schools and posted images videos of unsuspecting pupils and teachers online. The website spied on kids at Christ The King Academy Primary School through cameras that were at that time installed near classrooms and at the school’s main entrance. Parents in the school were left speechless after realizing how unsafe the surveillance cameras had made the
institution to be and blamed the administration for not taking their kids’ safety seriously.
Another school that the malicious spies had gained access into was Christ The King Academy Primary School’s neighbor, St Mary’s Catholic Academy in Blackpool. The school which boasts of a pupils’ population of about 1,188 kids has cameras at every turn, including inside the toilets, but had not password-protected them prior to the January attack. Still in Blackpool, the criminals went to the extent of streaming live all the activities in and around Highfield Leadership Academy. This was one of the biggest security breaches in the history of Britain’s modern education system.
CCTV Hacks in Canadian Schools
In October last year was the turn of Cape Breton School’s privacy to be infringed by cybercriminals. Video surveillance images from different parts of the school were streamed by a Russian-registered website for days without the knowledge of the school’s administration. According to Nova Scotia’s privacy Commissioner Catherine Tully’s report, the school’s reluctance to advance technologically left it exposed to hacks. This was even as the Cape Breton-Victoria Regional School Board (CBVRSB) denied that schools within its jurisdiction were negligent in regards to student’s security. Beth Maclsaac, the board’s superintendent, argued that even though the damage was already done, the school boards had embarked on a mission to secure school cameras with passwords.
As the debate of whether or not schools should secure their surveillance cameras, one fact takes precedence, CCTVs are, unbelievably, making school environment more insecure than they are making it safe for kids. Schools all over the world need to come up with ways of protecting their data in the same way that big companies are doing, failure to which the cases of visual data theft will erode the confidence that parents have in them. As for the parents, it is time that they took matters on their own hands and demanded that any CCTV camera that’s not supported by the manufacturer in regards to regular updates be replaced. Privacy trainings should also be made mandatory for all school heads. These are some of the ways through which our kids will be protected from the malicious cybercriminals and terrorists.