Dozens of Canon Inc.’s security cameras connected to the internet have been hacked across Japan, making them uncontrollable at waterways, a fish market and a care facility among other places, users said Monday.
Over 60 cameras nationwide are believed to have been illegally accessed so far, and in most cases a message that reads “I’m Hacked. bye2” has been left on their screens apparently by the hacker, they said.
While it remains unclear why Canon cameras have been targeted, the city of Yachiyo in Chiba Prefecture and the city of Ageo in Saitama Prefecture, which lost control of the cameras for monitoring the levels of their waterways, said they had failed to reset the cameras’ default passwords.
Fearing more cameras could be hacked, Canon is urging users to change their passwords on its website. The company said it cannot comment on individual cases.
Security cameras connected to the internet allow remote monitoring using computers, smartphones and other devices and are considered a classic example of the Internet of Things, or IoT.
But experts say a hacker can use such cameras as a gateway to attack the computer systems of governments and companies.
“The cases indicate IoT has many security issues,” said an information security expert who goes by the alias of piyokango, adding, “It is important that you make sure to change the default passwords.”
Hackings were also reported at other locations including a fish market in Hiroshima, a care facility for the disabled in Kobe, and a Naha branch of a company based in Saitama Prefecture.
The city of Yachiyo noticed the problem on April 24 and also found that the password for the camera had been altered. The city cut off the camera from its network and reported it to police, it said.
The city of Ageo realized the hacking two days later.
“We had not predicted this kind of situation,” said an Ageo city official.