Research Exploits Critical Vulnerability in Security Cameras

Cyber researchers at Ben-Gurion University of the Negev in Beersheva have developed a method for hacking security cameras that can take over a surveillance system, issue commands and steal sensitive data, The Jerusalem Post reported on Sunday.

Infrared light is employed to create a covert communication channel between malware installed on an internal computer network and an attacker with a direct line of sight as much as several miles away.

The technique, dubbed “aIR-Jumper,” can order a high-security system to unlock the gate or front door to your house, said Dr. Mordechai Guri, head of research and development at BGU’s Cyber Security Research Center.

Professional as well as home-security cameras, and doorbells that use LED lights, are all vulnerable to aIR-Jumper.

Guri explained the vulnerability that their new technology takes advantage of:

“Security cameras are unique in that they have ‘one leg’ inside the organization, connected to the internal networks for security purposes and ‘the other leg’ outside the organization, aimed specifically at nearby public space, providing very convenient optical access from various directions and angles,” Guri said.

A demonstration video produced by the BGU team showed an attacker at a remote location using aIR-Jumper to send infrared signals to a camera and then extracting data, including passwords and an entire book in a matter of seconds.