Your Tech Story

Tech News

Verkada camera

Verkada camera breach caused by hackers exposing Tesla, Jail, and Hospitals.

Another massive hacking incident shook the world as a group of hackers successfully compromised the security camera systems of Verkada Inc. Verkada Inc is a Silicon Valley startup and the company’s camera security system is used widely from companies to hospitals around the world. The hackers have said that they were able to collect a massive amount of security camera data and have also gained access to live feeds of a hundred thousand cameras. These cameras are set up inside hospitals, police departments, schools, prisons, etc.

The hackers have also exposed a few footages of companies including Tesla and Cloudflare Inc (San Francisco, Austin, London, and New York offices). But, this is not it as they also broke into the camera systems of women’s health clinics and also hacked the camera system of Verkada’s office. The cameras that were hacked also use facial recognition systems to identify people from the live footage. Since the hackers claim to have full footage of Verkada’s every customer, the intended damages cannot be fathomed if it is true.

Verkada camera details of exposed videos

Since the hackers claim to have access to full surveillance footage of Verkada’s customers, a few of them were revealed. Video footage taken by Verkada camera system inside Halifax Heath (Florida-based hospital) shows that a total of eight hospital staffers tackling and pinning a man on his bed (reported by Bloomberg). Another video that was revealed by the hackers was of Tesla warehouse in Shanghai. The video footage showed workers on an assembly line. The hackers have claimed to hack 222 cameras in total within Tesla. The organizations who were exposed in the leaked videos declined to comment immediately.

Verkada camera
Image Source: bloombergquint.com

There was another video from the surveillance footage witnessed by Bloomberg showed a police station in Massachusetts. A police officer was questioning a man in the video. The hackers also got into the camera security system of Sandy Hook Elementary School, Newtown, Connecticut. There is not a single place that was spared by the hackers, as they also accessed 330 security cameras inside Madison County Jail, Alabama. The hackers were not only able to access live footage but also archived videos (including audio in some cases) in high-resolution quality.

Who hacked into the camera system?

The hacking into the Verkada’s camera system was done by International hackers who wanted to show the world the pervasiveness and ease at which this system can be infiltrated. Tillie Kottmann is one of the hackers who has claimed the responsibility for the hacking incident. Tillie has also previously admitted the hacking into Intel and Nissan Motor. Tillie said some of the major reasons why this chain of hacking surveillance footage has been carried out by the group is mostly out of curiosity and constant fighting for the freedom of information and against intellectual property. Kottmann also mentioned that it is too much fun not to do it.

Apart from taking credit for accessing all camera footage, Kottmann also mentioned that they have found the root access on the cameras. This means that they can now execute their own codes in each and every camera. In doing so, this will further help them to hack into the broader Verkada network and use the cameras as a platform to launch similar hacks in the future. Kottmann also mentioned that “Obtaining this degree of access to the camera didn’t require any additional hacking, as it was a built-in feature.” (Bloomberg)

A group of hackers got into the network of Verkada’s camera system as they found an exposed user name and password information on the internet. The information was of an administrator account and after Bloomberg contacted Verkada regarding this, the hackers lost all video footage of both live and archive data.

The action was taken against hacking

In the light of the information regarding the camera system comprising, a Verkada spokesperson said that “We have disabled all internal administrator accounts to prevent any unauthorized access.” The company also mentioned that both the company’s internal security team as well as external security agency have started investigating this matter. They have also contacted law enforcement.

The controversial fact about this entire hacking incident is someone or the company has been careless enough that such sensitive information was lurking freely on the internet. Anyone can get into the surveillance system if they have a correct user name and password, but how easily are this information leaked is the main question. This will hurt the trust build between Verkada and its customers.

Microsoft

The Microsoft E-Mail hack is costing several organizations including European Union Banking Regulator

Recently, the email system of Microsoft has been compromised due to a cyber-attack which is allegedly caused by a Chinese group. Several organizations have fallen victim to the hack of the Microsoft email system. One of the prime European Union financial regulators, the European Banking Authority has also suffered damage due to the chain of attacks.

Microsoft mentioned in a statement that the company thinks the attack is caused by a state-sponsored Chinese group operating out of China. This alleged Chinese group was trying to exploit some of the flaws in its Exchange email services that were previously not known. According to Microsoft, the main intention of this group is to steal sensitive data from various business and government organizations. Microsoft believes that so far then thousands of users have already been under attack.

The European Banking Authority (EBA) has confirmed this attack on Sunday and also the organization is taking its email system offline as a precautionary measure. An organization of this importance suffers a huge casualty due to such cyber attacks. The investigation has already started in close corporation with many forensic experts, its ICT provider, and “other relevant entities.”

Microsoft E-Mail Hack

The hackers have infiltrated the user’s system using Microsoft’s email system. Currently, more than 20,000 US organizations have been compromised. Before this latest attack, there was another major attack last December where the system of SolarWinds Corp was compromised. But, it was believed that the attack in December was carried out by Russian hackers and now the blame has shifted to Chinese hackers. While investigating the latest cyberattack, it has been found out that the hack has left channels for remote access spread among credit unions, town governments, and small businesses (The Indian Express).

Microsoft

Apart from the US organization, many European and Asian organizations have also fallen victim to these attacks. Though Microsoft has issued emergency patches, the hacks don’t seem to get affected. The situation seems to be getting out of control from the big multinational tech giant. Microsoft previously thought that the attackers are targeting only some limited users. But, the hike in the numbers of victims has made the company take the help of government agencies and other security companies to protect its customers.

In response to those who are under attack, Microsoft mentioned that “impacted customers should contact our support teams for additional help and resources” (The Indian Express). Last Friday, Microsoft witnessed that only 10% of the affected customers have installed the patches issued by Microsoft. The numbers are still rising.

Warning, accusations, and declining

Last Friday, Jen Psaki, White House Press Secretary mentioned that the vulnerabilities that were investigated in Microsoft’s Exchange Server were quite significant and that it could have a far-reaching impact. There has already been quite a high figure in the victim’s list and nobody still knows how many more to go. Blaming the hacker’s group is sponsored by China, the nation has declined and said that China is not behind this series of events.

The EBA which was also attacked mentioned that they might have accessed personal data. So, EBA advises on taking possible mitigation measures if that is what it takes. The security experts think that either China has changed the tactics of its attacks or there might be a second group that is committing this high-scale network infiltration and data theft.

Microsoft has urged all its customers to install the patch at the earliest. Since the attackers are entering from the back door, it is likely they will attack any unpatched system. Microsoft believes that the SolarWinds attacks and this latest attack are in no way connected. But, the company also first thought that the hackers are attacking specific targets which are now keeping to expand. So, the entire situation is becoming very unpredictable with every passing day.

Qualcomm Snapdragon Sound

Qualcomm launched Snapdragon Sound promising better quality and connectivity

Qualcomm launches Snapdragon Sound as a new suite that can be connected to smartphones and well as wireless headphones and earphones. The first announcement regarding this suite for audio products was announced last year during the Qualcomm Summit in December. The Snapdragon Sounds claim to have improved interoperability between Qualcomm Snapdragon fueled smartphones and also with audio products such as headphones and earphones (Gadgets 360).

The new product suite by Qualcomm has promised better audio quality and efficient connectivity for its users. Apart from these two major improvements, it has also embedded additional features like active noise cancellation (ANC) and voice communication software. To enable and use the Snapdragon Sound, both source device and outfit should be supporting the particular technology.

Qualcomm Snapdragon Sound

This new suite is expected to roll out in the market within the next few weeks. The Qualcomm Snapdragon Sound can be enabled on smartphones powered by Snapdragon 888 which is going to roll out this year. This new product is targeting the electronics manufacturer who originally built smartphone and audio products. The Snapdragon Sound will be provided as a one-step solution for product makers working in ANC, Bluetooth, chipset, and other connectivity technologies.

Qualcomm Snapdragon Sound
Image Source: anandtech.com

If a user is using a compatible audio product along with supporting a smartphone such as one with Snapdragon 888, this will allow the activation of the entire audio suite experiencing every feature included in Snapdragon Sound. Some of the features of this new audio suite are ANC, Qualcomm FastConnect, aptX Bluetooth codec, etc.

Other companies working for Snapdragon Sound

Qualcomm worked with two other companies for developing the Snapdragon Sound, namely, Xiaomi and Audio Technica (Japanese headphone maker). The new audio suite will be embedded on some of the company’s new products which will broaden the scope for compatibility and attract more audiences. The users will understand that Snapdragon Sound has been enabled and it is operational when they will receive a new pop-up logo on the connected device. The Snapdragon Sound can be connected even in speakers but both the source and output device should support the technology.

The main technologies that are expected to make the Snapdragon Sound exceptional with enhanced audio quality and connectivity are Qualcomm FastConnect 6900 and the Snapdragon 8-series chipset range. The former technology will enable faster and stable Bluetooth connectivity. There is also Qualcomm active noise cancellation technology which will make the experience more real and authentic. The aptX adaptive codec will be used for high-quality audio transmission over Bluetooth and there will be an amplifier package and Qualcomm Aqstic DAC(Gadgets 360). 

Since Qualcomm has announced the rollout officially, the product makers can now license the entire audio suite for their new products. The company is also working with Amazon Music HD in order to certify the listening experience and reach out to more people. They want to convey all the purposes that will be provided by the new Snapdragon Sound.

Features of Snapdragon Sound

Snapdragon Sound is ensuring the best audio experience bringing the Qualcomm technologies altogether. The new Snapdragon Sound will provide the best audio paired with excellent connectivity and delivering high-resolution music. Using Snapdragon Sound, the voice calls will be clearer and it will ensure a lag-free gaming experience. The audio suite also ensures extended battery life. You can check out the official website of Snapdragon Sound to get a demo of what your music will sound like.

The Snapdragon Sound is compatible with both smartphones as well as wireless earbuds to headphones. This is the kind of technology aspired by every gamer and those attending business calls 24/7 across the globe. If you don’t choose to connect to earphones or headphones, Snapdragon Sound will play the music extra loud from your phone’s speaker using Aqstic technology. This will not damage the phone speakers.

The audio quality will be uncompressed 24-bit 96 kHz. For Bluetooth connectivity, the audio will be compressed and delivered in quality up to 16-bit 44kHz. Snapdragon Sound uses the aptX voice technology to make calls clearer by improving the sound quality. The background noises will be minimized which has a huge advantage of receiving calls no matter where you are.

Guardian

Guardian Personal Safety App launched by Truecaller for location sharing with specific contacts

Only a few days before International Women’s Day, the caller ID platform, Truecaller launched its new application called Guardian. This new app will allow the users to share their location only with specific contacts so that the guardians will receive notification about the user’s location and alerts during any emergency. This new app will not share any personal information with any other third-party app for commercial purposes which also includes Truecaller itself.

This new app by Truecaller has been launched on 3rd March 2021. According to Truecaller, the Guardian app is an in-house built product. Efforts of team members from Sweden and India for the past fifteen months have finally helped in developing the app. If you already have a Truecaller account you can sign in with that in Guardian or you can use your mobile number to sign up. If you aren’t a Truecaller user, then an OTP or a missed call will be generated to verify the mobile number.

The Guardian App

To use the Guardian app, there are only three pieces of information that are required from the user’s end, namely, the user’s contact log, phone permission, and location. The Guardian app doesn’t have any premium model so it is free to use for everyone. The app will not show any ads as well, the company says. In the future, Truecaller plans to add a shortcut for downloading the Guardian app from the Truecaller app so that more people can download and use it. The main motive behind building the Guardian app is to crowdsource personal safety like we crowdsource protection against scams and frauds with the help of Truecaller, said Alan Mamedi, CEO and co-founder of True Software Scandinavia AB (parent company of Truecaller).

Alan also said that he believes the company has the right tool and conviction to make Guardian a success. The best thing about using the Guardian app is that there is only one model for the app which is free. So, the company to some extent is putting more focus on safety than business growth. This is a truly good initiative taken by Truecaller as the app will work with police as well.

How will the App Work?

Guardian app will provide a huge degree of customization to the users as they will get to select the specific contacts with whom the former want to share the location. There will also be options of when to start and stop sharing location. Along with that, the users can also share the location permanently with some contacts. Suppose a user shares the location with the selected contacts in a particular trip, it will keep working in the background. The app will also notify the selected contacts and help them follow the location precisely during any emergency.

Guardian
Image Source: themobileindian.com

Closely following the location will not be enabled in any normal scenario to preserve the battery. Apart from the user’s location, the app will also notify the remaining battery life and network strength to the selected guardians. The app is compatible with an arrangement where the user’s and the guardian’s phone run on different OS (Android and iOS). The users will also be able to call or text the selected contacts once the location is shared only with one tap.

Community Guardians Feature

Truecaller’s Guardian app also plans to launch a feature called Community Guardian. This feature will be useful once the emergency mode has been enabled by the user so that the community guardians in the user’s vicinity can help the user. This will help in crowdsourcing personal safety and help traveling much easier for women. The community guardian feature will help the user receive support from other contacts that are not selected by the user. Truecaller is also trying to involve local law enforcement officials to make the app more effective. This app is designed mainly for ensuring women’s safety, but any user can download and use the app.

Alan also focuses on data sharing as he mentions that no personal data will be stored or shared for commercial purposes. Data will be directly streamed to the client and it will not even touch the platform’s infrastructure. The app is now available in Google Play and soon it will be available on App Store. The company doesn’t have any plan to commercialize the app ever even after it is successful.

Spectrum auction

Reliance Jio emerged as the biggest bidder during Spectrum auction 2021 with Rs 57122. 65 crores

The biggest bidder in the Spectrum auction 2021 was Reliance Jio with Rs 57,122.65 crores for 488. 35MHz spectrum (Gadgets 360). This information was conveyed by the Ministry of Telecommunications and Information Technology in a statement. Reliance Jio after the latest bidding witnessed that the company’s spectrum footprint increased by 55 percent. With the spectrum increased to 1711MHz, the operator became the largest spectrum holder in sub-GHz and 2300MHz. In the Spectrum auction 2021, Bharti Airtel emerged as the second-largest bidder after Jio acquiring 355.45MHz of airwaves worth Rs 18,698.75 crores.

Spectrum auction 2021 came to an end on 2nd March 2021. There were a total of six bidding rounds in Spectrum auction 2021 and the e-auction this time was based on Simultaneous Multiple Round Ascending Auction (SMRA) methodology. The total worth of bids fetched in Spectrum auction 2021 is Rs 77,814.80 crores for 855.60MHz. And, this time the auction went “better than expected” as mentioned by the auction officials.

Bidding in Spectrum auction 2021

The three main bidders in Spectrum auction 2021 that has put airwaves in 700MHz, 800MHz, 900MHz, 1800MHz, 2100MHz, and 2300MHz bands on bidding are Reliance Jio, Airtel, and Vodafone (Vi). The ministry also informed that there was no bidding for 700MHz and 2500MHz bands. The government put out a total spectrum of 2308.80MHz for auction. The bidders in a total bid for 855.60MHz spectrum which sums up to 60 percent of the total spectrum offered.

Spectrum auction
Image Source: business-standard.com

Reliance on bidding

The Spectrum auction 2021 was exclusively for the 4G bands and the government plans to throw another auction specifically for 5G bands. So, even if Jio has emerged out to be the largest bidder in this auction, the operator still needs to wait for the 5G bidding auction for its 5G services. Many other operators are also making progress in the 5G network technology as well.

Reliance Jio has mentioned in a statement that the company has acquired the right to use spectrum in 22 circles across the country in the recently concluded spectrum auctions (Gadgets 360). And, this acquired spectrum will be very beneficial for the 5G services that will be provided to the Jio users in the country for transactions in 5G. But, the latest Spectrum auction 2021 was all about 4G bands. Mukesh Ambani, Chairperson of Reliance Industries mentioned in a statement that with this increase in the spectrum, the company tends to expand its digital footprint in more parts of India and prepare for the 5G rollout.

Airtel expanding its spectrum

Airtel after becoming the second largest bidder in the auction mentioned that the company acquired 355.45MHz spectrum across sub-GHz, mid-band, and 2300MHz. This huge expansion in the spectrum will help Airtel bring around 90 million additional customers onboard. Gopal Vittal, CEO and MD of Indian and South Asia, Bharti Airtel said that the company now has a very solid spectrum portfolio and this will enable the operator to deliver the “best mobile broadband experience in India.”

Apart from mentioning the future plans of Airtel in India and its spectrum expansion, the operator explained why no bidders went for the 700MHz spectrum band. The main reason behind this is an absence of the economic case which is based on the high reserve prices concerning the 700MHz spectrum. This is a low-frequency band that is extensively used for bolstering inner cellular coverage.

The company also mentioned that the reserving prices, particularly on this band, should be a focus point of discussion in near future. Because, if this band is coupled with the 3.5GHz band it will unleash the potential of India becoming one of the nations in terms of the digital era.  So, this is a very important issue that should be addressed by the government at the earliest as the nation will benefit hugely if these reserving price tags are taken off.

Apart from the bidding by Reliance Jio and Airtel, Vodafone was also one of the bidders. The company came last in the list with an 11.80MHz spectrum band worth Rs 1,993.40 crores. The government officials have mentioned that the spectrum of each operator will be valid for 20 years from now.

Covid-19 Vaccine

Hacking Group from China Attacks the Bharat Biotech and Serum Insititute of India (SII) IT Infrastructure

India has not been on good terms with China for the past few years. From crossing the borders to attacking the Indian government on political grounds, China is pushing all the limits. This time, the Country has gone even beyond.

For the past couple of weeks, a Chinese hacking group has been interfering with the IT systems of two major Covid-19 vaccine manufacturer companies in India, i.e. Serum Insititute of India (SII) and Bharat Biotech. The Singapore and Tokyo-based cybersecurity company, Cyfirma, has revealed that a China-state-backed hacking group named APT10, also known as Stone Panda, had identified holes in the IT infrastructure and supply chain software of these two Indian companies. Cyfirma follows around 750 cybercriminals and uses a cybersecurity tool DeCYFIR to monitor over 2000 hacking campaigns, to create robust cybersecurity strategies for companies around the world.

The Chief Executive at Cyfirma, Kumar Ritesh, said in a statement, “In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers. They have spoken about the weak web application, they are also talking about the weak content-management system. It’s quite alarming.”

Covid-19 and its Vaccination

Due to the spread of Covid-19, the year 2020 has been a disastrous year for the entire world. And despite, we have discovered a few vaccines to fight Covid, we are still struggling to get everything back to normal. Exactly a year ago, the world got to know about the Covid outburst, and countries had to shut down all their operations. China got all the blame since the virus had come from Wuhan, a city in China. The year passed in finding the cause of the virus and vaccine for it, but China never admitted its hand in the spread of Covid.

Covid-19 Vaccine
Image Source: businessinsurance.com

Many countries blamed China, and many defended, but the main issue was to find a drug to help fight the disease. Finally, two big drug manufacturing companies in India, The Serum Institute of India (SII) and Bharat Biotech, came with their version of the vaccine for Covid, and the vaccination process started. SII came up with Covishield, and Bharat Biotech is manufacturing Covaxin.

Motive Behind the Cyber Attacks

As said earlier, the Serum Institute of India and Bharat Biotech are some of the first pharmaceutical companies to provide the most effective Covid-19 vaccines. These two companies are the ones, supplying 60% of Covid vaccines to the world, and China falls in the other 40% category to sell or gift its vaccines to the other countries.

According to Cyfirma, the motive behind attacking the IT systems of these two companies can be this excessive competition. “The real motivation here is actually exfiltrating intellectual property and getting a competitive advantage over Indian pharmaceutical companies,” said Ritesh in a statement.

Action to be Taken

The matter has gone into the hands of the state-run authority CERT (Computer Emergency Response Team). Though the authority has denied commenting on the matter, due to the importance of the issue, they have confirmed that the matter will be handled by the operations director of CERT, S.S Sharma. According to Cyfirma, they had contacted CERT on the issue, and it has acknowledged the threat.

Other than China, there have been cyber intrusions in the IT systems of companies manufacturing Covid-19 Vaccine around the world from other countries as well. Microsoft, in November, had confirmed that there have been cyber attacks on drug companies of India, Canada, France, the USA, the UK, and South Korea from countries like Russia and North Korea.

Drugmaker Pfizer Inc had also revealed that some of its documents that included the information regarding Covid-19 vaccine manufacturing also went under a cyber attack in December 2020 and were “unlawfully accessed”. For now, neither China’s foreign ministry nor SII or Bharat Biotech has given any statement on the matter.