Hacked webcams help Russia spy on Ukraine

Ukraine's security service says two cameras in the Ukrainian capital leaked information about the country's defense on January 2 this year, when Russia sent robots towards Kiev. Several people died. The webcams were said to have been under the control of Russian intelligence, which was able to capture video from them and change their orientation.

One of the cameras was installed on the balcony of an apartment building and residents used it for surveillance. It is said that the other was in a residential area, He writes Security Service of Ukraine on Telegram.

It's not the first time Private webcams are being used as a tool for Russian espionage against Ukraine. Last year, the US intelligence agency (NSA) sounded the alarm that Russia had hacked surveillance cameras in Ukrainian cafes. Some cameras show the street outside, which allowed them to show important modes of transportation.

– We see how Russian hackers log into webcams and see convoys and trains delivering supplies, said the head of cybersecurity at the National Security Agency Rob Joyce at a conference in April 2023.

In fact, Russia may have had access to surveillance cameras across the country for a long time. A recent investigation by Radio Free Europe showed how thousands of webcams in Ukraine use a Russian cloud service that potentially gives the country's authorities widespread access to video footage.

The system is called Trassir and is sold by a Russian company. Enables the camera owner to follow the camera via his computer or mobile phone. But before the video reached the mobile phone, it passed through a Russian server. Radio Free Europe's review identified the IP addresses the camera connects to. They point to a server in Moscow, in a company that, among other things, did business with the Russian army.

Cameras that use Trassir are usually made in China, but it doesn't matter as long as the underlying software and service are Russian.

Tracer cameras were used In a number of locations across the country. Among other things, the TRASER monitoring system has been used in Chernobyl since 2011, but according to the authority responsible for the old nuclear power plant, the system was not supposed to be able to access the Internet, and in 2023 it was completely phased out.

Another example is the city of Poltava, which in 2017 will invest in improving street safety through camera surveillance, among other things. More than 300 cameras were purchased and installed throughout the city, all connected to the Tracer system. According to a Radio Free Europe review, at least some of them can still be seen in the city today.

Three years later, in 2020, the city of Lviv reportedly came close to purchasing the same service, but at that time the Ukrainian Security Service intervened and the deal was stopped.

After Russia on a large scale Invasion of Ukraine in February 2022, additional measures were taken. Then a number of Russian IP addresses were blocked in Ukraine. Among them was the IP address to which the Trassir cameras were connected. But the cover is not waterproof. A regular VPN connection, which controls Internet traffic through another country, can be enough for the cameras to send video to the Russian server.

The Security Service of Ukraine is now urging all residents to stop using street-facing webcams and report these cameras to the authorities.