All CCTV cameras vulnerable to infrared attacks – study
The study, by researchers at Ben-Gurion University of the Negev (BGU), found that because security cameras are equipped with infrared (IR) LEDs for night vision, hackers can establish a bidirectional covert connection with the internal network of the security system.
The paper outlines two scenarios in which sensitive data can be accessed, encoded and transmitted over IR signals; exfiltration (leaking data out of the network) and infiltration (sending data into the network).
In the exfiltration scenario, the attackers access the surveillance cameras across a local network with the help of a malware and use the cameras’ IR signals to transmit sensitive data such as pin codes or passwords.
In the infiltration scenario, the attacker, up to tens of meters away, uses IR LEDs to transmit signals, naked to the human eye, to the camera. Encoding binary data like command and control messages on top of the IR signals.
“The exfiltration and infiltration can be combined to establish bidirectional, 'air-gap' communication between the compromised network and the attacker,” read the paper, published in the Cornell University Library.
The technique can be used on both professional and personal home security systems, including LED doorbells.
"Theoretically, you can send an infrared command to tell a high-security system to simply unlock the gate or front door to your house," said Dr. Mordechai Guri, head of research and development for BGU's Cyber Security Research Center (CSRC).