bodyType

customContents

entityId

printArticlePageQuery

filter

article

body

urlAlias

articleSectionsContent

articleSeoArticle

articleSourceHeaderArticle

contentSchemaRenderContent

contentSubHeadlineContent

contentHeadlineContent

mainImagePrintArticleArticle

authorBlockPrintArticleArticle

contentSponsorTagContent

articlePianoPaywallContent

scmpYoutubeContent

hooksTrackPageViewArticle

query printArticlePageQuery(
  $entityId: String!
  $customContents: [CustomContentInput]
  $bodyType: BodyFormatTypeEnum
) {
  article(filter: {entityId: $entityId}) {
    entityId
    body(customContents: $customContents, type: $bodyType) {
      json
    }
    urlAlias
    ...articleSectionsContent
    ...articleSeoArticle_3o8td4
    ...articleSourceHeaderArticle
    ...contentSchemaRenderContent
    ...contentSubHeadlineContent
    ...contentHeadlineContent
    ...mainImagePrintArticleArticle
    ...authorBlockPrintArticleArticle
    ...contentSponsorTagContent
    ...articlePianoPaywallContent
    ...scmpYoutubeContent
    ...hooksTrackPageViewArticle
    id
  }
}

fragment articlePianoPaywallContent on Content {
  __isContent: __typename
  ...hooksPaywallPromiseContent
}

fragment articleSectionsContent on Content {
  __isContent: __typename
  sections {
    value {
      ...helpersCheckIfNewsSectionInFirstIndexSection
      ...entityLink
      name
      id
    }
  }
}

fragment articleSeoArticle_3o8td4 on Article {
  ...hooksArticleSeoArticle
  ...helpersCheckIsPostiesArticle
  ...helpersGetArticleTypeArticle
  entityId
  publishedDate
  updatedDate
  summary {
    text
  }
  subHeadline {
    text
  }
  body(customContents: $customContents, type: $bodyType) {
    text
  }
  keywords
  sections {
    value {
      name
      id
    }
  }
  topics {
    name
    entityId
    id
  }
  urlAlias
  authors {
    name
    id
  }
  images {
    style(filter: {style: "768x768"}) {
      url
    }
  }
  readingTime
}

fragment articleSourceHeaderArticle on Article {
  urlAlias
  ...entityLink
}

fragment authorBlockPrintArticleArticle on Article {
  ...defaultArticleDateContent
  ...authorNamesArticle
}

fragment authorNameAuthor on Author {
  ...entityLink
  name
  entityUuid
}

fragment authorNamesArticle on Article {
  authorLocations
  authors {
    entityId
    location
    ...authorNameAuthor
    id
  }
}

fragment blockquoteQuoteContent on Content {
  __isContent: __typename
  ...contentShareWidgetContent
}

fragment checkersCheckContentContainsStarlingImageContent on Content {
  __isContent: __typename
  topics {
    entityId
    id
  }
}

fragment contentHeadlineContent on Content {
  __isContent: __typename
  headline
  socialHeadline
  ...contentHeadlineTagContent
  ...helpersUseContentSponsorContent
}

fragment contentHeadlineTagContent on Content {
  __isContent: __typename
  ...hooksContentHeadlineTagContent
}

fragment contentNewsletterWidgetContent on Content {
  __isContent: __typename
  topics {
    relatedNewsletters {
      ...helpersMassageToNewsletterItemNewsletter
      id
    }
    id
  }
  sections {
    value {
      relatedNewsletters {
        ...helpersMassageToNewsletterItemNewsletter
        id
      }
      id
    }
  }
  ... on Article {
    relatedNewsletters {
      ...helpersMassageToNewsletterItemNewsletter
      id
    }
  }
}

fragment contentSchemaRenderContent on Content {
  __isContent: __typename
  ...blockquoteQuoteContent
  ...imageContent
  ...inlineWidgetContent
  ...photoGalleryWidgetContent
  ...scmpYoutubeContent
}

fragment contentShareWidgetContent on Content {
  __isContent: __typename
  entityId
  urlAlias
  shortUrl
  socialHeadline
  headline
}

fragment contentSponsorTagContent on Content {
  __isContent: __typename
  ...helpersUseContentSponsorContent
}

fragment contentSubHeadlineContent on Content {
  __isContent: __typename
  subHeadline {
    json
  }
  summary {
    json
  }
  ...contentSchemaRenderContent
}

fragment defaultArticleDateContent on Content {
  __isContent: __typename
  ...hooksArticleDateUtilsContent
}

fragment entityLink on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  __typename
  entityId
  entityUuid
  urlAlias
  urlRedirect {
    toUrl
    id
  }
  application {
    entityId
    id
  }
  ... on Section {
    fullSectionPath {
      entityId
      id
    }
    parentSection
  }
  ...helpersAppBarVariantBase
  ...helpersApplicationBase
  ...helpersCheckIsPlusArticle
  ...helpersStyleSectionContent
}

fragment helpersAppBarVariantBase on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  ...helpersCheckIsLiveArticle
  ...helpersCheckIsPlusPage
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostiesPage
  ...helpersCheckIsPostMagazineArticle
  ...helpersCheckIsStyleArticle
  ...helpersSectionContent
  ...helpersStyleSectionContent
}

fragment helpersApplicationBase on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostiesPage
  ...helpersCheckIsPlusPage
}

fragment helpersCheckIfNewsSectionInFirstIndexSection on Section {
  name
}

fragment helpersCheckIsAmpEnabledArticle on Article {
  entityId
  types {
    value {
      entityId
      id
    }
  }
  sections {
    value {
      entityId
      id
    }
  }
  disableOffPlatformContent
  sponsorType
  published
  ...helpersCheckIsPlusArticle
  ...helpersCheckIsPostiesArticle
}

fragment helpersCheckIsLiveArticle on Article {
  flattenTypeIds
  liveArticle {
    status
    id
  }
}

fragment helpersCheckIsMainTopicContent on Content {
  __isContent: __typename
  topics {
    entityId
    id
  }
}

fragment helpersCheckIsPlusArticle on Content {
  __isContent: __typename
  ... on Article {
    paywallTypes {
      entityUuid
      id
    }
  }
}

fragment helpersCheckIsPlusPage on Page {
  urlAlias
}

fragment helpersCheckIsPostMagazineArticle on Article {
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersCheckIsPostiesArticle on Article {
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersCheckIsPostiesPage on Page {
  urlAlias
}

fragment helpersCheckIsStyleArticle on Content {
  __isContent: __typename
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersGetArticleTypeArticle on Content {
  __isContent: __typename
  ... on Article {
    types {
      value {
        entityId
        id
      }
    }
  }
}

fragment helpersMassageToNewsletterItemNewsletter on Newsletter {
  entityId
  name
  alternativeName
  description {
    text
  }
  summary {
    text
  }
  homepageDescription {
    text
  }
}

fragment helpersSanitizeArticleTypeEntityIdsArticle on Article {
  types {
    value {
      entityId
      id
    }
  }
}

fragment helpersSanitizeAuthorTypesArticle on Article {
  authors {
    types
    id
  }
}

fragment helpersSanitizedAuthorEntityIdsArticle on Article {
  authors {
    entityId
    id
  }
}

fragment helpersSectionContent on Section {
  fullSectionPath {
    entityId
    id
  }
}

fragment helpersStyleSectionContent on Section {
  fullSectionPath {
    entityId
    id
  }
}

fragment helpersUseContentSponsorContent on Content {
  __isContent: __typename
  topics {
    entityId
    sponsor {
      ...sponsorTagSponsor
      name
      type
      id
    }
    id
  }
  ... on Article {
    sponsorType
  }
  ...helpersCheckIsMainTopicContent
}

fragment hooksArticleDateUtilsContent on Content {
  __isContent: __typename
  createdDate
  publishedDate
  updatedDate
}

fragment hooksArticleSeoArticle on Article {
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostMagazineArticle
  ...helpersCheckIsStyleArticle
  ...hooksContentHeadlineTagContent
  ...helpersCheckIsAmpEnabledArticle
  entityId
  headline
  socialHeadline
  types {
    value {
      entityId
      id
    }
  }
  authors {
    entityId
    id
  }
  images {
    generic_og: style(filter: {style: "og_image_scmp_generic"}) {
      url
    }
    styles(filter: {styles: ["og_image_posties_article", "og_postmag", "og_image_style", "og_image_scmp_analysis", "og_image_scmp_explainer", "og_image_scmp_editorial", "og_image_scmp_fact_check", "og_image_scmp_debate", "og_image_scmp_live", "og_image_scmp_obituary", "og_image_scmp_opinion", "og_image_scmp_review", "og_image_scmp_series", "og_image_scmp_generic"]}) {
      url
      style
    }
    type
  }
  urlAlias
}

fragment hooksContentHeadlineTagContent on Content {
  __isContent: __typename
  __typename
  ... on Article {
    types {
      value {
        name
        entityId
        description {
          text
        }
        id
      }
    }
    ...helpersCheckIsStyleArticle
  }
  flag
  sections {
    value {
      name
      id
    }
  }
  ...hooksContentHelperContent
}

fragment hooksContentHelperContent on Content {
  __isContent: __typename
  ...helpersSanitizeArticleTypeEntityIdsArticle
  ...helpersSanitizeAuthorTypesArticle
  ...helpersSanitizedAuthorEntityIdsArticle
  flag
}

fragment hooksPaywallPromiseContent on Content {
  __isContent: __typename
  entityId
  ...helpersCheckIsPostiesArticle
}

fragment hooksTrackPageViewArticle on Article {
  entityId
  publishedDate
  headline
  sections {
    value {
      name
      id
    }
  }
  urlAlias
  authors {
    name
    id
  }
  entityUuid
}

fragment imageContent on Content {
  __isContent: __typename
  headline
  ...checkersCheckContentContainsStarlingImageContent
}

fragment inlineWidgetContent on Content {
  __isContent: __typename
  ...contentNewsletterWidgetContent
}

fragment mainImagePrintArticleArticle on Article {
  images {
    title
    url
    isSlideshow
    size_652x446: style(filter: {style: "652x446"}) {
      url
    }
  }
}

fragment photoGalleryDialogContent on Content {
  __isContent: __typename
  __typename
  ...contentShareWidgetContent
}

fragment photoGalleryWidgetContent on Content {
  __isContent: __typename
  ...photoGalleryDialogContent
}

fragment scmpYoutubeContent on Content {
  __isContent: __typename
  entityId
  urlAlias
  publishedDate
}

fragment sponsorTagSponsor on Sponsor {
  name
  type
  images {
    url
  }
}


sections

types

disableOffPlatformContent

sponsorType

published

headline

socialHeadline

authors

images

publishedDate

updatedDate

summary

subHeadline

keywords

topics

readingTime

authorLocations

entityUuid

Bloomberg

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley start-up Verkada Inc, gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.
Companies whose footage was exposed include carmaker Tesla Inc and software provider Cloudflare Inc. In addition, hackers were able to view video from inside women’s health clinics, psychiatric hospitals and the offices of Verkada itself. Some of the cameras, including in hospitals, use facial-recognition technology to identify and categorise people captured on the footage. The hackers say they also have access to the full video archive of all Verkada customers.
In a video seen by Bloomberg, a Verkada camera inside Florida hospital Halifax Health showed what appeared to be eight hospital staffers tackling a man and pinning him to a bed. Halifax Health is featured on Verkada’s public-facing website in a case study entitled: “How a Florida Healthcare Provider Easily Updated and Deployed a Scalable HIPAA Compliant Security System.”
Another video, shot inside a Tesla warehouse in Shanghai, shows workers on an assembly line. The hackers said they obtained access to 222 cameras in Tesla factories and warehouses.

The data breach was carried out by an international hacker collective and intended to show the pervasiveness of video surveillance and the ease with which systems could be broken into, said Tillie Kottmann, one of the hackers who claimed credit for breaching San Mateo, California-based Verkada. Kottmann, who uses they/them pronouns, previously claimed credit for hacking chip maker Intel Corp and carmaker Nissan Motor Co. Kottmann said their reasons for hacking are “lots of curiosity, fighting for freedom of information and against intellectual property, a huge dose of anti-capitalism, a hint of anarchism – and it’s also just too much fun not to do it.”
“We have disabled all internal administrator accounts to prevent any unauthorised access,” a Verkada spokesperson said in a statement. “Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement.”
A person with knowledge of the matter said Verkada’s chief information security officer, an internal team and an external security firm are investigating the incident. The company is working to notify customers and set up a support line to address questions, said the person, who requested anonymity to discuss an ongoing investigation.
Representatives of Tesla, Cloudflare and other companies identified in this story did not immediately respond to requests for comment. Representatives of the jails, hospitals and schools named in this article either declined to comment or did not immediately respond to requests for comment.
A video seen by Bloomberg shows officers in a police station in Stoughton, Massachusetts, questioning a man in handcuffs. The hackers say they also gained access to the security cameras of Sandy Hook Elementary School in Newtown, Connecticut, where a gunman killed more than 20 people in 2012.
Microsoft Outlook hack an ‘active threat’, White House says
Also available to the hackers were 330 security cameras inside the Madison County Jail in Huntsville, Alabama. Verkada offers a feature called “People Analytics,” which lets a customer “search and filter based on many different attributes, including gender traits, clothing colour, and even a person’s face,” according to a Verkada blog post. Images seen by Bloomberg show that the cameras inside the jail, some of which are hidden inside vents, thermostats and defibrillators, track inmates and correctional staff using the facial-recognition technology. The hackers say they were able to access live feeds and archived video, in some cases including audio, of interviews between police officers and criminal suspects, all in the high-definition resolution known as 4K.
Kottmann said their group was able to obtain “root” access on the cameras, meaning they could use the cameras to execute their own code. That access could, in some instances, allow them to pivot and obtain access to the broader corporate network of Verkada’s customers, or hijack the cameras and use them as a platform to launch future hacks. Obtaining this degree of access to the camera did not require any additional hacking, as it was a built-in feature, Kottmann said.
The hackers’ methods were unsophisticated: they gained access to Verkada through a “Super Admin” account, allowing them to peer into the cameras of all of its customers. Kottmann says they found a username and password for an administrator account publicly exposed on the internet. After Bloomberg contacted Verkada, the hackers lost access to the video feeds and archives, Kottmann said.
The hackers say they were able to peer into multiple locations of the luxury gym chain Equinox. At Wadley Regional Medical Center, a hospital in Texarkana, Texas, hackers say they looked through Verkada cameras pointed at nine ICU beds. Hackers also say they watched cameras at Tempe St. Luke’s Hospital, in Arizona, and were also able to see a detailed record of who used Verkada access control cards to open certain doors, and when they did so. A representative of Wadley declined to comment.
The hack “exposes just how broadly we’re being surveilled, and how little care is put into at least securing the platforms used to do so, pursuing nothing but profit,” Kottmann said. “It’s just wild how I can just see the things we always knew are happening, but we never got to see.” Kottman said they gained access to Verkada’s system on Monday morning.
Chinese spies ‘used code copied from America’s NSA’ for hacking operations
Verkada, founded in 2016, sells security cameras that customers can access and manage through the web. In January 2020, it raised US$80 million in venture capital funding, valuing the company at US$1.6 billion. Among the investors was Sequoia Capital, one of Silicon Valley’s oldest firms.
Kottmann calls the hacking collective “Advanced Persistent Threat 69420,” a lighthearted reference to the designations cybersecurity firms give to state sponsored hacking groups and criminal cybergangs.
In October 2020, Verkada fired three employees after reports surfaced that workers had used its cameras to take pictures of female colleagues inside the Verkada office and make sexually explicit jokes about them. Verkada CEO Filip Kaliszan said in a statement to Vice at the time that the company “terminated the three individuals who instigated this incident, engaged in egregious behaviour targeting coworkers, or neglected to report the behaviour despite their obligations as managers.”
Kottmann said they were able to download the entire list of thousands of Verkada customers, as well as the company’s balance sheet, which lists assets and liabilities. As a closely held company, Verkada does not publish its financial statements. Kottman said hackers watched through the camera of a Verkada employee who had set one of the cameras up inside his home. One of the saved clips from the camera shows the employee completing a puzzle with his family.
“If you are a company who has purchased this network of cameras and you are putting them in sensitive places, you may not have the expectation that in addition to being watched by your security team that there is some admin at the camera company who is also watching,” said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, who was briefed on the breach by Bloomberg.


Inside Arizona’s Graham County detention facility, which has 17 cameras, videos are given titles by the centre’s staff and saved to a Verkada account. One video, filmed in the “Commons Area,” is titled “ROUNDHOUSE KICK OOPSIE.” A video filed inside the “Rear Cell Block” is called “SELLERS SNIFFING/KISSING WILLARD???” Another video, filmed inside “Drunk Tank Exterior” is titled “AUTUMN BUMPS HIS OWN HEAD.” Two videos filmed from “Back Cell” are titled “STARE OFF - DONT BLINK!” and “LANCASTER LOSES BLANKET.”
The hackers also obtained access to Verkada cameras in Cloudflare offices in San Francisco, Austin, London and New York. The cameras at Cloudflare’s headquarters rely on facial recognition, according to images seen by Bloomberg.
Security cameras and facial-recognition technology are often used inside corporate offices and factories to protect proprietary information and guard against an insider threat, said the EFF’s Galperin.
“There are many legitimate reasons to have surveillance inside of a company,” Galperin added. “The most important part is to have the informed consent of your employees. Usually this is done inside the employee handbook, which no one reads.”


Hackers breach thousands of security cameras, exposing Tesla Shanghai factory and US jails

A Tesla sign is seen on the Shanghai Gigafactory of the US electric car maker on December 30, 2019. Photo: Reuters

Tesla vehicles are seen on an assembly line at Tesla’s Gigafactory in Shanghai on January 7, 2020. Photo: Xinhua

Tech

Tech Trends

Business


The hacker group says it wanted to show the prevalence of surveillance
The video footage was captured from Sequoia-backed start-up Verkada



The hacker group says it wanted to show the prevalence of surveillance by accessing the video footage captured from a Silicon Valley security start-up.


Hackers breach thousands of security cameras, exposing Tesla Shanghai factory and US jails

The hacker group says it wanted to show the prevalence of surveillance The video footage was captured from Sequoia-backed start-up Verkada

The hacker group says it wanted to show the prevalence of surveillance

The video footage was captured from Sequoia-backed start-up Verkada