Hackers have defaced tens of Canon security cameras across Japan, local media reported, printing the phrase "I'm Hacked. bye2" on the video feeds of affected devices.
Many defacements took place on Sunday, May 6, according to screengrabs from hacked devices, but there are reports that similar incidents have been taking place for weeks, since mid-April, according to posts on Japanese social networks.
Officials from the cities of Yachiyo and Ageo, some of the first hacking victims last month, admitted to having failed to change the cameras' default passwords.
Canon Japan issued a security note on April 26, after the first reports of defacements, advising customers to change the default passwords.
Japanese users and authorities reported finding defaced cameras monitoring public places, government buildings, waterways, a fish market in Hiroshima, a care facility for the disabled in Kobe, and at the private headquarters of a company in Naha.
Over 60 incidents were reported just yesterday and the defacements caused a stir in Japan because many of the compromised devices were on government networks.
Experts have long argued that smart cameras and other IoT devices could be used as pivot points in larger and more damaging hacks, serving as entry points into secure networks.
Not changing a device's default passwords is the primary cause of IoT hacks and the first thing that IoT botnets look for when scanning for vulnerable devices.
Image credits: The Sankei Shimbun