Prison life is often difficult, especially when resources available for penitentiary systems are scarce. Just a few days ago, after the alleged hack into the surveillance camera system at Lang Suan prison in Chumphon Province, Thailand, a video showing the precarious conditions in which prisoners serve their sentences was posted on a cybersecurity channel on YouTube.
The video was titled “Thai Bangkok prison Security Camera live” and was posted on the broadcast platform last Tuesday. The video description ensures that it is 100% real footage of the day-to-day life in this prison.
At a press conference, Somsak Thepsuthin, head of Thailand’s Minister of Justice, mentioned that the country’s Department of Corrections had already detected the incident. Although Thai authorities ignore how the material leaked, they note that this has been a constant in prisons in various countries in recent times.
Thailand’s correctional department filed a complaint about the incident, which will be in charge of the Special Investigations Department, in collaboration with cybersecurity firms; authorities hope to find those responsible as soon as possible.
A local media released the statements of an anonymous informant, who claims that Thailand’s prison surveillance systems were installed by a private company, which won the contract through a procurement process. In addition, the source states that these systems have an Internet connection for real-time access to the feed. In other words, prison managers, as well as some security staff members, have extensive access to CCTV images, completely live and through any smart device.
The incident has seriously damaged the reputation of the country’s prison system. The authorities mention that it is likely that some user’s access credentials to the system had been leaked and reached into the hands of those responsible for the incident, who released the footage, showing the overcrowded conditions in which inmates must live at Lang Suan.
Early cybersecurity reports suggest that the intrusion occurred overnight on Monday, December 23; hours later the video was already online. Among other content, the YouTube channel where the video was posted, called Big Brother’s Gaze, shows similar images purportedly obtained from prisons in Australia, Russia, the US, among other countries.
Various research conducted by security firms, independent experts and organizations such as the International Institute of Cyber Security (IICS) have shown how easily a group of threat actors can compromise the integrity of a surveillance system, whether it is installed for monitoring a home, shopping malls, business environments or, as in this case, prison systems in various countries. As a cybersecurity advice, system administrators can implement some simple measures, such as multi-factor authentication, periodic password reset, and limit access to these systems only for the most trained and reliable staff.