Home » Technology » LED Technology » Hackers can invisibly hack security camera networks with IR LEDs

Hackers can invisibly hack security camera networks with IR LEDs

Hackers can invisibly hack security camera networks with IR LEDs

By BizLED Bureau

Sep 25, 2017: Israel’s Ben-Gurion University of the Negev (BGU) researchers have found that security cameras, infected with malware, which are equipped with IR-based night vision, can be hacked through IR LEDs, either to infiltrate a network or to leak out information from the cameras’ network.

Their demontration has been explained in a paper titled “aIR-Jumper: Covert Air-Gap Exfiltration/Infiltration via Security Cameras & Infrared (IR)”. The researchers explained a data exfiltration scenario, whereby malware accesses the surveillance camera in the local network and generates covert IR signals by controlling the cameras’ IR LEDs.

Also Read: Innoviz Technologies’ LiDAR solution moves into mass production

In such a case, binary data can be modulated, encoded, and transmitted as IR pulses which an attacker can detect from a distance. A hacker from a remote place, for example from a a parking lot, in line of sight or even out of line of sight of the cameras, can send covert IR signals using IR LEDs. Once the signals are received by the surveillance camera, malware within the network can intercept the signal and decode command and control (C&C) messages hidden in the video stream.

Also Read: Poorly designed smart LED lighting systems are open to hackers

As a result, the hacker can communicate with malware previously installed through supply chain attacks, malicious insiders, or social engineering.

The researchers implemented a malware prototype and tested it with different types of cameras that can communicate tens to hundreds of meters away from the network under attack. They were able to leak internal data at a bit rate of 20bit/s per camera and were able to deliver commands to the network at bit rate of more than 100bit/s from one camera.

These researchers at Ben-Gurion’s Cyber Security Research Center have earlier shown how disk lights and hard drive noise can be used to steal data. One experiment even focused on using compromised internet-enabled air conditioners to adjust temperatures as a signal to malware on computers on a separate network.

Source: Ben-Gurion University

Pin It

One comment

  1. Why the security is so loose if they didn’t research on it the may be someday someone hack it.

Leave a Reply

Your email address will not be published. Required fields are marked *