South Korea’s military has been forced to remove over 1,300 surveillance cameras from its bases after learning that they could be used to transmit signals to China, South Korean news agency Yonhap reported.
The cameras, which were supplied by a South Korean company, “were found to be designed to be able to transmit recorded footage externally by connecting to a specific Chinese server,” the outlet reported an unnamed military official as saying.
Korean intelligence agencies discovered the cameras’ Chinese origins in July during an examination of military equipment, the outlet said.
How the fuck did that happen?
Dear south korean government
please hire me instead. I promise I’m so paranoid, this will never happen.
Like every military operation, the job always goes to the lowest bidder, that is still overpriced, because it’s just tax money. That’s what always cracks me up about stuff that is marketed as military grade.
It’s still expensive because everything has to go through OPSEC.
It’s expensive because it has to go through a dozen layers of private contractors.
The US military was remarkably good at rapidly churning out cheap, effective armorments during the WW and early Cold War era. But the LBJ/Nixon pivot to private industry eroded all the efficiency. Then Reagan kicked military spending into overdrive in the 80s, and it’s been a snowball of waste, fraud, and embezzlement ever since.
Now the model for military procurement is just a jobs program for Congressional districts. The epitome of the Do Nothing profession.
Capitalism. They just bought the cheapest reliable enough option they could find and didn’t give two craps about infosec, because that’s too expensive to actually properly do. Minimize the financial losses of an upfront purchase. (I worked more than enough jobs in hardware design to know what management cares about and what it doesn’t)
Also, big yikes for the Israel flag in your username.
I think this is more of an OPSEC issue than an Infosec one, but both terms work.
Suppliers lie.
I know a guy who is the sole reason that software written by <adversary> isnt being currently used in <host countries most top secret defense environment>. His boss told him to lie if asked, and he refused to and informed <end user>.
Cheap devices
deleted by creator
I remember when, I think, Sony was hacked because of the movie « the interview ». It created enough of a news cycle shitstorm that our corporate overlords became excessively generous with our infosec budget and made it a tier 1 priority.
It went for measly .5% to a whooping 25% of IT expenditure.
On the other hand to really show they didn’t understand anything about it they recruited an experienced CISO and fired him a month later because an accountant’s workstation was hit by a ransomware. The guy barely had the time to start building a plan and launch a bunch of audit but still got the full blame for decades of neglects. (He eventually sued them and settled).
China is the only country that gives you lifetime free cloud storage for your devices
Whether you like it or not
Stuff like this is why I have to tell our Chinese CFO why we don’t want Huawei network devices. Yes Jeff, I know they are cheap as shit, you cheapskate, but you don’t put the cheapest solution in place to run your critical systems on!
Yes Jeff, I know they are cheap as shit, you cheapskate
Remind me again why you’d want an Apple (made in China) or OnePlus (made in China) or any of the other 70% of all cell phones available in the US? Are you just a big fan of paying extra for the same technology?
Or are you more wedded to phones made in Malaysia, India, or Vietnam for some peculiar reason?
you don’t put the cheapest solution in place
No shortage of high end Huawei models. They’ve been competitive with Samsung for nearly a decade.
If they found out it goes to a specific server, why not just block the server and maybe isolate the network from the internet? I guess its easier to replace them but what’s to say the replacements can’t have the same flaw if other precautions aren’t in place, like how do you even get to installing cameras on military bases without thoroughly vetting the firmware on them fist?
This is just bad spy craft. You don’t tell the person who bugged you that you found their bug. You mess with their head by setting up false flags.
Like have maps of China and what look like troop movements.
Or details about tank man.
Maybe this is a double head fake and they have compromised the server in China?
Why not have the cameras on a VLAN that has no Internet access?
Just use a system that connects to a server on base and nothing else
I wonder if my toiletcam feeds to that server too.
Share the URL if you find out it does
What’s a URL?
urinal related livecam
PW;DR
So if they purchased Ring cameras that are feeding everything to American AWS servers it would be ok?
Seems stupid that in a military install they’re using cloud shit
Business Insider - News Source Context (Click to view Full Report)
Information for Business Insider:
MBFC: Left-Center - Credibility: High - Factual Reporting: Mostly Factual - United States of America
Wikipedia about this sourceYonhap News Agency - News Source Context (Click to view Full Report)
Information for Yonhap News Agency:
MBFC: Right-Center - Credibility: High - Factual Reporting: Mostly Factual - South Korea
Wikipedia about this source
