A critical vulnerability has emerged on the modern battlefield: consumer-grade security cameras are becoming force multipliers for state actors conducting real-time reconnaissance during armed conflicts. New research revealsmultiple Iranian hacking crews have been targeting internet-connected surveillance cameras across Israel and other Middle Eastern countries, with security researchers tracking 'hundreds' of attempts to exploit bugs in IP cameras made by Hikvision and Dahua.
The pattern is stark and deliberate.The countries targeted in these digital intrusion attempts—Israel, Qatar, Bahrain, Kuwait, the UAE, Cyprus, and Lebanon—are the same ones that have seen significant missile activity linked to Iran. This is not espionage for its own sake.Experts believe the camera hacks were meant to gain access to street level imagery across desired targeting areas, assess impact damage, and collect evidence of a successful attack to use in military reports and propaganda videos.
This tactic reflects a broader shift in modern warfare.For four years now, Russian cyber units have been hacking security cameras in Ukraine for the exact same reasons—reconnaissance to detect exact location of targets and then assess impact damage and decide if follow up strikes are needed.Ukraine reported Russia hacked two surveillance cameras and used them to spy on air defence systems and critical infrastructure in Kyiv, with Russian threat actors remotely taking control of the device and configuring it to stream the captured video to YouTube.
The vulnerability runs deeper than any single nation's tactics.The security flaws being exploited include an unauthenticated remote code execution vulnerability in Hikvision Integrated Security Management Platform (CVE-2025-34067) and an authentication bypass vulnerability in multiple Dahua products (CVE-2021-33044), both of which have patches available. Yetmany IoT devices lack robust security features, such as strong authentication mechanisms, regular security updates, and the ability to monitor and detect suspicious activities.
Why cameras matter more than you think
From a national security perspective, this represents a troubling asymmetry. Armies do not need to launch cyber warfare attacks on banking systems or electricity grids—which trigger escalation and international backlash—when a video feed from a street camera can serve as reliable military intelligence.Video surveillance provides insights on the physical security controls at critical locations including barriers, locks, fences, and guards, as well as the flow of people and equipment, allowing analysts to determine shift changes, patrol patterns, and the best plan of attack whether physical or cyber.
The counterargument deserves serious consideration. Some analysts argue that camera hacking is a minor contributor to military outcomes compared to electronic warfare, communications disruption, and kinetic strikes.While these cyber operations may very well be real, they also may not have played that significant role in conflicts, which makes sense given that war is about dropping bombs, and there may be a tendency from authorities themselves to exaggerate the effect of cyber operations as a way to intimidate and scare the enemy.
Yet the pattern persists.Iran hit Israel's Weizmann Institute of Science with a ballistic missile shortly after reportedly compromising a street camera facing the building. Coincidence is possible. Coincidence twice, three times, across multiple nations and conflicts becomes harder to dismiss as random.
The path forward: accountability without panic
Australian organisations using internet-connected cameras—particularly in defence, critical infrastructure, and sensitive facilities—should take immediate steps.Defenders should eliminate public exposure by removing WAN access and using a VPN, while enforcing strong credentials and keeping firmware up-to-date. This is not optional housekeeping; it is elementary operational security.
The deeper issue, however, cuts across the centre-left and centre-right divide. Manufacturers have prioritised time-to-market over security engineering for years. Regulators have been slow to impose standards that match the threat. Device owners have treated cameras as fire-and-forget peripherals rather than network infrastructure requiring active management.
The resolution requires pragmatism from all sides. Governments should mandate security standards for connected devices sold domestically, without micromanaging design decisions. Manufacturers must embed security into product development as a core discipline, not a compliance checkbox. Organisations responsible for critical infrastructure should audit and isolate exposed cameras now, not wait for a breach.
What emerges is not a crisis requiring panic, but a straightforward gap between the threat landscape and the defences most organisations have deployed. The camera in your office building or factory floor is now military-relevant infrastructure. Treating it accordingly is not dystopian; it is rational.