Security Cameras can be Infiltrated Using Infrared Light for Malicious Attacks, according to Ben-Gurion University Cyber Researchers
The method, according to researchers, will work on professional security cameras as well as home security cameras and even LED doorbells, which can see infrared light (IR), not visible to the human eye.
In the new paper, the technique the researchers have dubbed, “aIR-Jumper,” also enables the creation of bidirectional covert optical communication between air-gapped internal networks that are isolated and disconnected from the internet, without remote access to the organization. The attacker can use this channel to send commands and receive response messages.
The cyber team led by Dr. Mordechai Guri, head of research and development at BGU’s BGU Cyber Security Research Center (CSRC) shows how infrared light can be used to create a covert communication channel between malware installed on an internal computer network and an attacker located outside hundreds of yards or even miles away with direct line of sight.
To transmit sensitive information, the attacker uses the camera’s infrared (IR) light emitting LEDs, which are typically used for night vision. The researchers showed how a malware can control the intensity of the IR light to communicate with a remote attacker that can receive signals with a simple camera without detection. Then the attacker can record and decode these signals to leak sensitive information.
The researchers shot two videos to highlight their technique. The first video shows an attacker hundreds of yards away sending infrared signals to a camera. The second video shows the camera infected with malware respond to covert signals by exfiltration data including passwords and an entire copy of The Adventures of Tom Sawyer in just a few seconds.
According to Dr. Guri, “Security cameras are unique in that they have ‘one leg’ inside the organization, connected to the internal networks for security purposes, and ‘the other leg’ outside the organization, aimed specifically at nearby public space, providing very convenient optical access from various directions and angles.”
Attackers can also use this novel covert channel to communicate with a malware inside the organization. An attacker can infiltrate data, transmitting hidden signals via the camera’s IR LEDs. Binary data such as command and control (C&C) messages can be hidden in the video stream, recorded by the surveillance cameras, and intercepted and decoded by the malware residing in the network.
“Theoretically, you can send an infrared command to tell a high security system to simply unlock the gate or front door to your house,” Guri says.
The research team also includes Dr. Dima Biekowski, Shamoon College of Engineering and Prof. Yuval Elovici, director of the BGU Cyber Security Research Center a member of BGU’s Department of Information Systems Engineering and director of the Deutsche Telekom Innovation Labs @ BGU