Security cameras could be hacked using infrared light
Israeli researchers have demonstrated that security devices can be infected with malware and made to leak sensitive information and receive commands through the use of covert infrared (IR) signals.
The method has been shown to work on both professional and home security cameras, and even LED doorbells. These security devices are equipped with IR-emitting LEDs, which allow the cameras to continue to collect video footage in low-light settings (night vision).
IR light lies outside the visible spectrum, meaning that it is invisible to the human eye.
The researchers, based at Ben-Gurion University of the Negev, named their technique ‘aIR-Jumper’. The attacker must begin by installing malware which controls the intensity of the camera’s IR-emitting LEDs.
This establishes a largely undetectable communication channel between the security network and an attacker, who could be stationed miles away. The attacker is then able to receive signals from the surveillance device covertly, using a second simple camera.
With access to this data, the attacker can record and decode these signals to access sensitive information about activity in secure facilities.
To demonstrate the technique, the researchers filmed themselves sending IR signals to a security camera from hundreds of metres away, and the infected camera responding to these signals by exfiltration of data, including sensitive information such as passwords, PIN codes and encryption keys.
“Security cameras are unique in that they have ‘one leg’ inside the organisation, connected to the internal networks for security purposes, and ‘the other legs’ outside the organisation, aimed specifically at a nearby public space, providing very convenient optical access from various directions and angles,” said team leader Dr Mordechai Guri, who is head of research and development of the University’s Cyber Security Research Centre.
According to the researchers, this could give attackers a concerning degree of control over the secure system. Binary data, such as command and control and beacon messages, could be hidden in the camera’s video stream and intercepted by the malware in the network.
“Theoretically, you can send an [IR] command to tell a high-security system to simply unlock the gate or front door to your house,” added Dr Guri.
As the Internet of Things (IoT) grows to encompass more connected devices, cameras which monitor activity in domestic settings are likely to be on the rise, with the vulnerability of these low-cost connected devices to hacking being a major source of concern.