This article was brought to my attention. Tell me this is not so.
https://www.fastcompany.com/40470454/researchers-hack-malware-security-camera-over-airgap
It is not "fake" in that you could build an exploit on something like this. However, you would need to first get access to the camera to load/modify some files that would allow it to use the IR capabilities for send/receive. Then, it would also be a fairly low-speed link.
Overall, this is not something where known exploits exist, or are very likely to be built. But, it is worth being aware of to help understand why IP cameras should be on segmented networks, kept updated, monitored, etc., if you are concerned about cyber security.
More info here at: IP Camera Use To Jump Air Gapped Networks
Main point is that the camera must be compromised to begin with. Then covert IR communication could conceivably be used to trigger a DNS attack or upload new instructions.
IMHO, theoretical hack at best...
Their account of an "air gap" isn't really that. They mention one leg inside the private corporate network and one in the public space. That's not an air gap IMO.
But, the idea, although plausible, really is based upon having an infected camera that has access to the corporate network, where viable data resides. If you truly air gap the cameras from the remaining corporate network, this isn't going to yield the attacker much data.
Maybe in a year or two we learn that every camera has had a peculiar "debug modulation" turned on in their IRs that spilt the system parameters to the environment...mildly encrypted of course..
If you consider a scenario where the camera resides on an airgapped network, but there is a possibility for someone to infect the camera and then communicate with it another way, I would say that it results in jumping an air gap. What is in the network itself, be it just cameras or network shares too, isn't really relevant.
It's not just the data they might gather, but the control they could have, while the owner of the system may believe that nothing can happen because of the gap, but didn't consider other, more mechanical feats cameras can do.
On the videos I watched showing this hack they had outside cameras and inside cameras. They used the IR on the outside cameras to transmit data from what the inside cameras were seeing to the outside world.
Could you link the videos you are referring to, Michael? I had a customer mention this type of attack to me last month, but I did not really understand what he was getting at.
Great, now I'm going to be thinking of use cases for turning an IP camera into an IR blaster all day.