8.12.19 – SSI
Researchers replaced an IP camera’s real-time footage with pre-recorded video, highlighting the dangers of weak encryption.
SAN JOSE, Calif. — With so many devices now connected to the Internet, it is more important than ever to practice proper cyber hygiene.
IoT devices are vulnerable to hacking due to many factors, such as poor ( or lack of) encryption, out of date firmware and use of default passwords.
Researchers at Forescout Technologies recently revealed how easy it is to hack into an IP camera and replace its video feed. There was a time where we would see something like that in a movie (Ocean’s Eleven, anyone?) and think, “Yeah, right.” However, we now live in a world where such an act is relatively easy to pull off if you have the technical ability.
- Perform a man-in-the-middle attack on the network, using ARP poisoning, to be able to sniff and change passing traffic.
- Capture the network traffic containing camera footage and record it for replay.
- Force the camera to end its current session with its associated network video recorder (NVR) by replacing a GET_PARAMETER request, which is normally used as a heartbeat to keep the connection alive, with a TEARDOWN request, which is used to terminate the session.
- The next time the NVR requests a new session to the camera, capture this request and modify the specified client port. This makes the camera send its video to the port specified by the attacker. Since the NVR will not receive any video, it will try to set up a new connection again, so the attacker can send the footage recorded in Step 2 to the NVR.
This research highlights just how important cybersecurity is, especially when it comes to video surveillance. Integrators should check out these cyber dos and don’ts to help adopt better policies and practices to keep customers safe.
You can learn more about the research here, or watch the video below to see how the hack was done.
Hacking Surveillance System Demonstration by Forescout from BleepingComputer.com on Vimeo.