Translate

GPA Store: Featured Products

Tuesday, June 18, 2013

Security expert: high-end surveillance cameras can be used by hackers to spy on sensitive facilities

image source: zigazou76/Flickr
Madison Ruppert

A U.S. security expert who worked as a software developer for the National Security Agency (NSA) in the past has revealed that the type of high-end surveillance cameras used in military bases, prisons, banks and industrial facilities can be remotely accessed by hackers.

Given the growing CCTV industry and the increasingly widespread deployment of surveillance cameras in major citiesresidential neighborhoods and even on private property, this report leads to some troubling possibilities.

Craig Heffner, who now works for a private security firm, has said that he identified currently unreported bugs in major digital surveillance systems which would allow hackers to spy on facilities or even gain access to highly sensitive computer networks.


“It’s a significant threat,” Heffner said in an interview with Reuters. “Somebody could potentially access a camera and view it. Or they could also use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems.”

The equipment includes products from major corporations like Cisco, D-Link, TRENDnet, IQInvision, Alinking and 3SVision, according to Heffner.


Heffner will reportedly examine some of the so-called “zero-day” vulnerabilities during his talk, “Exploiting network surveillance cameras like a Hollywood hacker,” at the upcoming Black Hat hacking conference, starting July 31 in Las Vegas.

Heffner will also demonstrate a proof-of-concept attack which would allow a remote hacker to freeze and modify video streams from these cameras “in a true Hollywood fashion.”

It is worth noting that the keynote speaker for the first day of the conference is Gen. Keith Alexander,the head of the NSA and the growing U.S. Cyber Command.

Other talks at the conference will cover threats to various operating systems used by Apple and Microsoft along with everything from mobile phone networks to medical devices and industrial plant control systems.
Hundreds of thousands of surveillance cameras can be accessed via public internet, according to Heffner, who currently works for Tactical Network Solutions out of Columbia, Maryland.

All of these cameras are apparently vulnerable and, quite interestingly, Heffner said he has not discussed his research with the camera manufacturers and does not plan to before his presentation.

Cisco, D-Link and TRENDnet told Reuters that they would take any appropriate action necessary to secure their surveillance systems after Heffner’s presentation.

The research presented at the Black Hat conference is reviewed by a 22-member board which includes James Butler, the Director of Research and Development at Mandiant.

The conference is expected to bring in around 6,500 security professionals to hear over 100 talks.

I’d love to hear your opinion, take a look at your story tips and even your original writing if you would like to get it published. I am also available for interviews on radio, television or any other format. Please email me at Admin@EndtheLie.com

Please support our work and help us start to pay contributors by doing your shopping through our Amazon link or check out some must-have products at our store.

This article first appeared at End the Lie.

Madison Ruppert is the Editor and Owner-Operator of the alternative news and analysis database End The Lie and has no affiliation with any NGO, political party, economic school, or other organization/cause. He is available for podcast and radio interviews. Madison also now has his own radio show on UCYTV Monday nights 7 PM - 9 PM PT/10 PM - 12 AM ET. Show page link here:http://UCY.TV/EndtheLie. If you have questions, comments, or corrections feel free to contact him at admin@EndtheLie.com

Enter your email address to subscribe to our newsletter:


Delivered by FeedBurner
Be the Change! Share this using the tools below.
widgets
0 Comments
Disqus
Fb Comments
Comments :

Jasper Roberts Consulting - Widget