Confidential and sensitive computer networks are sometimes “air-gapped” — physically isolated from the internet and other networks, with no way for unauthorised data to get in or out. At least, that’s the theory.
But researchers from Ben-Gurion University have demonstrated how hackers can use an unconventional technique to smuggle data: Hijacking CCTV cameras and beaming infrared light. (We saw the paper via Fast Company.)
The attack works when a surveillance camera is connected to the network being attacked — and it requires the attacker to have already managed to get malware onto the network. (This could be via an infected USB stick, or via social engineering, the researchers suggest.)
Because cameras are typically in public places, it’s easy for the attacker to get a clear line-of-sight with them. The malware can then access the camera and use its infrared LEDs to transmit encoded data by “turning them on and off or controlling their IR intensity” — totally invisibly to the naked eye.
In this way, passwords or other sensitive data could be covertly exfiltrated out of the network. (Scroll down to see a video of this in action.)
Alternately, the attacker could use an invisible infrared signal that will be picked up by the camera to communicate invisibly with the malware. These new instructions will appear in the video stream and can be decoded by the malware, but will be meaningless to an observer.
“Security cameras are unique in that they have ‘one leg’ inside the organisation, connected to the internal networks for security purposes, and ‘the other leg’ outside the organisation, aimed specifically at a nearby public space, providing very convenient optical access from various directions and angles,” lead researcher Mordechai Guri said in a statement.
It shows how the most unlikely tech can be manipulated for unconventional and potentially malicious ends — but it’s far from the only weird way people have found to defeat air-gaps.
The Ben-Gurion team highlighted previous methods discovered by researchers, including: “Attackers may leak data through different types of radiation emitted from the computer. Leaking data using electromagnetic radiation has been investigated for more than twenty years. In this method, malware controls the electromagnetic radiation emitted from computer parts, such as LCD screens, communication cables, computer buses, and other components. Other air-gap covert channels are based on sonic and ultrasonic sound and heat emissions.”