Video Surveillance

Video: Security Cameras can be Hacked Using Infrared Light

20 September 2017

Malware can be used with IR light to hack security cameras. Source: Photo by Siarhei Horbach on UnsplashMalware can be used with IR light to hack security cameras. Source: Photo by Siarhei Horbach on UnsplashSecurity cameras infected with malware can receive covert signals via infrared light to leak sensitive information from the surveillance devices used to protect facilities.

The hack can work for both professional and home security cameras or even light emitting diode (LED) doorbells that can detect IR, which is not visible by the human eye.

The method, developed by researchers from Ben-Gurion University of the Negev (BGU), creates bidirectional, covert, optical communication between air-gapped internal networks, which are computers isolated and disconnected from the internet that do not allow for remote access to the organization.

Researchers found that IR can be used to create a covert communication channel between malware installed on an internal computer network and an attacker located hundreds of yards outside or even miles away with a direct line of sight. Hackers then can use this communication to send commands and receive response messages.

Researchers were able to demonstrate how malware can control the intensity of the IR to communicate with a remote attacker that can receive signals with a simple camera without detection. Then the hackers can record and decode these signals to leak sensitive information.

"Security cameras are unique in that they have 'one leg' inside the organization, connected to the internal networks for security purposes, and 'the other leg' outside the organization, aimed specifically at a nearby public space, providing very convenient optical access from various directions and angles,” says Mordechai Guri, head of research and development at BGU’s Cyber Security Research Center.

Using this attack, hackers can infiltrate data, transmit hidden signals via the camera’s IR LEDs and hide messages in the video stream that can then be intercepted and decoded by the malware residing in the network.

"Theoretically, you can send an infrared command to tell a high-security system to simply unlock the gate or front door to your house," Guri says.

The full research can be found in the new paper entitled “alR-Jumper”.

To contact the author of this article, email PBrown@globalspec.com


Powered by CR4, the Engineering Community

Discussion – 0 comments

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Engineering Newsletter Signup
Get the GlobalSpec
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Advertisement
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter
Advertisement
Find Free Electronics Datasheets
Advertisement