Iran Hijacking Home Security Cameras to Spy Within Israel

Iran is tapping into private security cameras in Israel to gather real-time intelligence about its adversary, exposing a recurrent problem with the devices that has emerged in other global conflicts.

Earlier this week, after Iranian ballistic missiles tore through high-rise buildings in Tel Aviv, a former Israeli cybersecurity official went on public radio to issue a stark warning: Turn off your home surveillance cameras or change the password.

“We know that in the past two or three days, the Iranians have been trying to connect to cameras to understand what happened and where their missiles hit to improve their precision,” Refael Franco, the former deputy director general of the Israel National Cyber Directorate, said on Monday. He now runs the cybersecurity crisis firm Code Blue.

A spike in cyberattacks has accompanied the war between Israel and Iran, with a pro-Israel hacking group known as Predatory Sparrow claiming responsibility for disrupting a major Iranian bank and a breach that struck an Iranian crypto exchange. Iran’s state-run IRIB News reported that Israel had launched a full-scale cyberattack on the country’s critical infrastructure.

A spokesperson for the Israel National Cyber Directorate, a government agency, confirmed that internet-connected cameras were increasingly targeted for Iran’s war planning. “We’ve seen attempts throughout the war, and those attempts are being renewed now,” the spokesperson said on Monday. Photos of impact sites in Israel, though circulating on social media, are under an official blackout.

It isn’t the first time Israel’s foes have used the devices to spy. For instance, Hamas hacked into private security cameras ahead of its invasion on Oct. 7, 2023, said Gaby Portnoy, who recently completed a three-year term as director of the Israel National Cyber Directorate.

“The intelligence gathering that Hamas did from private cameras in the Gaza periphery was a disaster,” Portnoy said in an interview. “Thousands of cameras were hacked over the years, both public and private, and were used to collect intelligence.”

Similar tactics have been used by Russia after its full-scale invasion of Ukraine. Russia “likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials,” according to a in May by the US National Security Agency and other Western intelligence agencies. “The actors also used legitimate municipal services, such as traffic cams.”

A resident near a heavily damaged building after an overnight Iranian missile strike in Bnei Brak, Israel, on June 16, 2025. Photo credit: Amir Levy/Getty Images

Ukraine banned surveillance cameras in 2022 amid a warning that Russia was using them to plan airstrikes. The next year, Ukraine’s government called on the owners of street webcams to stop broadcasting online. “Russia is exploiting vulnerability of modern webcams to launch missile attack at Ukraine and adjust them in real time,” according to a at the time.

In the US, the Federal Communications Commission in 2022 banned Chinese-made surveillance equipment over national security concerns.

The private surveillance market is fast growing around the world: it’s projected to reach $89 billion in 2030, up from $54 billion in 2024, according to a .

Relatively cheap and ubiquitous, private security cameras are often easy to access and hack, and they can provide foreign intelligence services with information on where troops are located, or help adversaries figure out where to drop bombs.

While researchers have been in security cameras for over a decade, some in the industry say they can be contained by investing in higher-end systems that offer regular firmware and software updates and by following proper installation procedures.

“Higher-grade security camera systems from vendors that take cybersecurity seriously will offer extensive configuration settings allowing for more device and communications customization,” Geoff Kohl, the Security Industry Association’s senior director of marketing, said in an email. At the same time, users should “presume your security video systems could be targeted,” he added.

Most consumers prioritize price over the security of a surveillance system, even though a weakly protected camera can be a “stepping stone” into overtaking the broader network, said Peleg Wasserman, a security architect at a global energy firm. “They don’t look at the security features of the device they’re buying. So for the vendor there is no incentive to beef up security of such systems.”

“Consumers need to remember that they’re not the only ones who may have access to this camera,” Wasserman said. “I’ve seen people that put a camera outside the home without knowing that they’re also filming their neighbors, for example, or a sensitive object or even giving a panoramic view of a city which may be useful for targeting.”

In addition, private surveillance cameras often come with a default password 鈥� sometimes as simple as 1-2-3-4 鈥� which is rarely changed by the user, according to experts. Some systems automatically stream the footage on the internet.

While Chinese-made cameras have taken over a large part of the private surveillance market, other systems have weak protections. A this month found live footage from 40,000 security cameras is accessible on the internet, including 14,000 in the US.

For countries at war, this data leakage can be an Achilles’ heel.

In 2022, the Israeli cyber agency warned that 66,000 personal cameras in Israel were using a default password and could easily be overtaken by hackers. That warning was largely unheeded, including in the southern towns that were invaded by Hamas in the attack that killed over 1,200 and saw 250 abducted.

After the Hamas attack, the Israeli government issued nonbinding directives urging citizens to strengthen the information security on their personal security cameras, many of them Chinese-made, including adding two-factor authentication. It also obtained legal approval to remotely shut off traffic cameras and personal devices reflecting out on sensitive areas, such as borders or critical infrastructure, according to Portnoy, the former director of the Israel National Cyber Directorate.

That came after it detected increased attempts by Israel’s adversaries to breach highway cameras to monitor troop movements. Portnoy said Hamas had hacked private cameras for years to collect intelligence and monitor civilian and military movements while planning the attacks. Hamas is considered a terrorist organization by the US and many other governments.

An analysis of the military’s secure border cameras after the war began found they not breached by Hamas, according to Portnoy. But private security systems from the kibbutzim nearby that were later invaded were compromised, he said, citing footage found in Gaza by the Israeli military.

Franco, in an interview before the outbreak of the latest Israel-Iran conflict, said cameras that farmers installed in agricultural fields along the border to prevent theft inadvertently showed soldiers’ positions along the Gaza security fence.

Most people are unaware of the potential dual use of CCTV when they try to bolster their personal security without proper safeguards, whether in towns, kindergartens, offices or private homes, according to Franco. “You try to protect yourself and meanwhile you are exposing yourself,” he said.

Since Israel launched its attack on Iran’s nuclear program on Friday, Iran has retaliated by firing hundreds of ballistic missiles and drones. More than 200 people have been killed in Iran by Israel’s strikes, according to the Iranian government. In Israel, the government says 24 people have been killed and over 800 injured.

Related: