Wireless Video Surveillance Hijacking Threat

Published Mar 26, 2011 00:00 AM
PUBLIC - This article does not require an IPVM subscription. Feel free to share.

An Australian investigative report is highlighting the risk that video surveillance systems face from wireless hijacking. In this note, we examine the technical approach and consider the practical risks to production video surveillance systems.

The Australian report demonstrates how they can easily hack into video surveillance systems with a simple, low cost, readily available device. Here is a 3 minute video demonstration:

What they are doing is very straightforward and easy to understand. Some video surveillance systems use integrated basic wireless connections. These are generally very inexpensive and used by homeowners and small businesses who want just the basics. Google Products list thousands of wireless video surveillance kits ranging from $30 to $300 USD. These kits generally do not offer encryption nor significant constraints in accessing the video. If you walk down a busy street, sooner or later you are likely to find one (the video implies that this happens all over the place but this may be aggressive editing on the producer's part).

On the other hand, these kits are statistically uncommon in video surveillance overall and in professional wireless deployments. Obviously, the overwhelmingly majority of surveillance is wireline and therefore immune to this hack. Even among wireless systems, professional versions generally have encryption or use IP transmission, preventing these cheap wireless appliances from intercepting the video feed.

While hijacking surveillance or 'videojacking' is becoming a common topic of popular discussion, the cases consistently misunderstand the practical use and issues in production surveillance systems. Compare to our coverage of the Defcon surveillance hijacking and a consultant's call for aggressive encryption to stop videojacking.