Picture a ransomware attack on a police department. In addition to affecting servers and laptops, it also disables body-camera docking stations, preventing officers from uploading critical footage and recharging their devices.
As this recent attack on a New York State police department highlights, cyber threats to video security cameras and systems are more than a theoretical risk. They are becoming a reality that demands immediate action. The Public Safety Threat Alliance (PSTA)‘s “Cyber Threats to Video Security” report found a 30 percent increase in attacks on video security systems in 2025. Adversaries, including hacktivists, cybercriminals and state-sponsored actors, are increasingly exposing footage, disrupting devices and physically sabotaging systems.
The evolving threat ecosystem
Attacks on video security systems have caused significant downtime, hindering the ability to monitor traffic, secure physical locations and document law enforcement interactions.
The report identifies a broad spectrum of adversaries, including:
- Extortion Syndicates: Ransomware groups such as Qilin and Akira are increasingly targeting security cameras as part of larger IT compromises or cyber attacks, sometimes forcing complete server rebuilds.
- State-Sponsored Actors: Advanced Persistent Threats (APTs) from nations such as Russia and Iran have been observed hacking private security cameras to spy on victims or collect real-time intelligence on missile impact zones.
- Hacktivists: Motivated by privacy concerns or ideology, these threat actors seek unauthorized access to video database records. In one instance, they exposed 130 terabytes of sensitive data, including feeds from inside vehicles.
It’s not just cyber, it’s physical
The report highlights that the most commonly reported attacks against video security systems in 2025 were physical rather than digital. From vandals sawing down CCTV poles in the U.K. to individuals destroying license plate recognition (LPR) cameras to avoid detection, sabotage is a persistent issue. The report details specific low-tech methods being discussed on social forums, such as using cooking oil or spray paint to cover LPR lenses.
Criminal forums and the dark web
IP-based video security cameras are also a popular topic on criminal forums on the dark web. Since many of these devices are connected to the internet, they face risks regarding remote accessibility. The cyber attackers’ interest is driven primarily by voyeurism, which is the unauthorized viewing of private feeds and cryptomining malware, which is the illegal practice of hijacking a device’s processing power to generate cryptocurrency. Whether for financial gain or to invade people’s privacy, attackers actively advertise and share exploitation tools and widespread vulnerabilities.
AI is changing the game
Looking forward, the threat landscape is evolving rapidly. The report warns that threat actors are increasingly using Artificial Intelligence (AI) to identify weak points across target environments. As adversaries become more proficient with AI tools, they can more easily locate unprotected protocols and devices and bypass access controls, making it essential for defenders to stay ahead of the curve.
Join the fight against cyber threats with the PSTA
The Public Safety Threat Alliance (PSTA) is a cyber threat intelligence sharing, collaboration and information hub for the global public safety community, working to improve its members’ cybersecurity posture, defense and resilience. PSTA membership is available to public safety agencies at no cost. By joining, you gain access to actionable, public safety-focused intelligence to help defend your mission-critical systems.
Join the PSTA today to download the full report to learn more about the threats to your systems and how to protect them. Joining also allows your organization to leverage actionable intelligence to protect your video security from cyber threats.
