Security cameras are vulnerable to attacks using infrared light -- Ben Gurion U. study

September 19, 2017

BEER-SHEVA, Israel...Sept. 19, 2017 - Ben-Gurion University of the Negev (BGU) researchers have demonstrated that security cameras infected with malware can receive covert signals and leak sensitive information from the very same surveillance devices used to protect facilities.

The method, according to researchers, will work on both professional and home security cameras, and even LED doorbells, which can detect infrared light (IR), not visible to the human eye.

In the new paper, the technique the researchers have dubbed "aIR-Jumper" also enables the creation of bidirectional, covert, optical communication between air-gapped internal networks, which are computers isolated and disconnected from the internet that do not allow for remote access to the organization.

The cyber team led by Dr. Mordechai Guri, head of research and development for BGU's Cyber Security Research Center (CSRC), shows how IR can be used to create a covert communication channel between malware installed on an internal computer network and an attacker located hundreds of yards outside or even miles away with direct line of sight. The attacker can use this channel to send commands and receive response messages.

To transmit sensitive information, the attacker uses the camera's IR-emitting LEDs, which are typically used for night vision. The researchers showed how malware can control the intensity of the IR to communicate with a remote attacker that can receive signals with a simple camera without detection. Then the attacker can record and decode these signals to leak sensitive information.

The researchers shot two videos to highlight their technique. The first video shows an attacker hundreds of yards away sending infrared signals to a camera. The second video shows the camera infected with malware responding to covert signals by exfiltration data, including passwords.

According to Dr. Guri, "Security cameras are unique in that they have 'one leg' inside the organization, connected to the internal networks for security purposes, and 'the other leg' outside the organization, aimed specifically at a nearby public space, providing very convenient optical access from various directions and angles."

Attackers can also use this novel covert channel to communicate with malware inside the organization. An attacker can infiltrate data, transmitting hidden signals via the camera's IR LEDs. Binary data such as command and control (C&C) messages can be hidden in the video stream, recorded by the surveillance cameras, and intercepted and decoded by the malware residing in the network.

"Theoretically, you can send an infrared command to tell a high-security system to simply unlock the gate or front door to your house," Guri says.
-end-
The research team also includes Dr. Dima Biekowski, Shamoon College of Engineering, and Prof. Yuval Elovici, director of the Cyber Security Research Center, a member of BGUs Department of Software and Information Systems Engineering and director of Deutsche Telekom Innovation Labs @ BGU.

About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, which is headquartered in Manhattan, has nine regional offices throughout the United States. For more information, visit http://www.aabgu.org.

American Associates, Ben-Gurion University of the Negev

Related Malware Articles from Brightsurf:

No honor among cyber thieves
A backstabbing crime boss and thousands of people looking for free tutorials on hacking and identity theft were two of the more interesting findings of a study examining user activity on two online 'carding forums,' illegal sites that specialize in stolen credit card information.

Browser tool aims to help researchers ID malicious websites, code
Researchers have developed an open-source tool that allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs.

Tech companies not doing enough to protect users from phishing scams
Just over 15 years after the first reported incident of phishing, new research from the University of Plymouth suggests tech companies could be doing more to protect users from the threat of scams.

New computer attack mimics user's keystroke characteristics and evades detection, according to Ben-Gurion University cyber researchers
'Our proposed detection modules are trusted and secured, based on information that can be measured from side-channel resources, in addition to data transmission,' Farhi says.

Illinois researchers add 'time-travel' feature to drives to fight ransomware attacks
One of the latest cyber threats involves hackers encrypting user files and then charging ''ransom'' to get them back.

Design flaws create security vulnerabilities for 'smart home' internet-of-things devices
NC State researchers find countermeasures for designers of security systems and other smart home devices.

New technique uses power anomalies to ID malware in embedded systems
Researchers have developed a technique for detecting types of malware that use a system's architecture to thwart traditional security measures.

How a personality trait puts you at risk for cybercrime
Impulse online shopping, downloading music and compulsive email use are all signs of a certain personality trait that make you a target for malware attacks.

Research finds bots and Russian trolls influenced vaccine discussion on Twitter
Social media bots and Russian trolls promoted discord and spread false information about vaccines on Twitter using tactics similar to those at work during the 2016 United States presidential election, according to new research led by the George Washington University.

New malicious email detection method that outperforms 60 antivirus engines -- Ben-Gurion
They compared their detection model to 60 industry-leading antivirus engines as well as previous research, and found their system outperformed the next best antivirus engine by 13 percent -- significantly better than such products including Kaspersky, MacAfee and Avast.

Read More: Malware News and Malware Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.