It is the well-known practice that the best protection for any IT system is its isolation from external networks. Servers that contain confidential information (such as banking systems) do not have access to the Internet and other external networks. However, it is possible to break into them differently. It turns out that criminals can use industrial cameras that operate on infrared.

This method was presented by scientists from Ben-Gurion University in Israel. Mordechai Guri, who is the team leader, points out that surveillance cameras are one leg located in a secure and isolated network and the other is outdoors, where public places like e.g. public parking are very common. The attack is also imperceptible to outsiders, because infrared light is invisible to the human eye.

To attack is based on malware software that communicates with the camera.

Quite frankly, this discovery does not mean that all institutions will immediately drop out of surveillance systems because they can break through. The presented attack method has one disadvantage. It requires prior installation of malware in a well-protected and most often isolated network. Then the worm communicates with the infrared camera that is connected to the same network. Since then, the industrial camera plays a role of relay that can send data at 20 bits per second and receive at 100 bits per second. This is not a dizzying speed, but it is sufficient to steal passwords and other sensitive data. The attack takes place so that after the infection, the attacked camera is in the listening mode and waiting for the light sequence that will wake it up. Criminals can reach the parking lot in the middle of the night and steal data at a safe distance. Malware software can also use the camera to broadcast sensitive data in the loop. A similar attack, with the use of hard disk LEDs, was demonstrated in May this year.

Source: Ars Technica