Authorization

Security lapse exposed a Chinese smart city surveillance system

Smart cities are designed to make life easier for their residents: better traffic management by clearing routes, making sure the public transport is running on time and having cameras keeping a watchful eye from above.
But what happens when that data leaks? One such database was open for weeks for anyone to look inside.
Security researcher John Wethington found a smart city database accessible from a web browser without a password. He passed details of the database to TechCrunch in an effort to get the data secured.
The database was an Elasticsearch database, storing gigabytes of data — including facial recognition scans on hundreds of people over several months. The data was hosted by Chinese tech giant Alibaba. The customer, which Alibaba did not name, tapped into the tech giant’s artificial intelligence-powered cloud platform, known as City Brain.
“This is a database project created by a customer and hosted on the Alibaba Cloud platform,” said an Alibaba spokesperson. “Customers are always advised to protect their data by setting a secure password.”
“We have already informed the customer about this incident so they can immediately address the issue. As a public cloud provider, we do not have the right to access the content in the customer database,” the spokesperson added. The database was pulled offline shortly after TechCrunch reached out to Alibaba.
But while Alibaba may not have visibility into the system, we did.
Security lapse exposed a Chinese smart city surveillance system
The location of the smart city’s many cameras in Beijing (Image: supplied)
See also:
Leave a comment
News
  • Latest
  • Read
  • Commented
Calendar Content
«    Июнь 2019    »
ПнВтСрЧтПтСбВс
 12
3456789
10111213141516
17181920212223
24252627282930