Researchers show how easy it is to hijack an IoT surveillance feed

0
757

With so many devices now connected to the Internet, it is more important than ever to practice proper cyber hygiene. IoT devices are vulnerable to hacking due to many factors, such as poor ( or lack of) encryption, out of date firmware and use of default passwords.

Researchers at Forescout Technologies recently revealed how easy it is to hack into an IP camera and replace its video feed. There was a time where we would see something like that in a movie (Ocean’s Eleven, anyone?) and think, “Yeah, right.” However, we now live in a world where such an act is relatively easy to pull off if you have the technical ability.

The researchers exploited unencrypted protocols for video streaming to replace the camera’s real-time footage with pre-recorded content. The attack was carried out by using the following four steps:
1. Perform a man-in-the-middle attack on the network, using ARP poisoning, to be able to sniff and change passing traffic.
2. Capture the network traffic containing camera footage and record it for replay.
3. Force the camera to end its current session with its associated network video recorder (NVR) by replacing a GET_PARAMETER request, which is normally used as a heartbeat to keep the connection alive, with a TEARDOWN request, which is used to terminate the session.
4. The next time the NVR requests a new session to the camera, capture this request and modify the specified client port. This makes the camera sends its video to the port specified by the attacker. Since the NVR will not receive any video, it will try to set up a new connection again, so the attacker can send the footage recorded in Step 2 to the NVR.

The brand of the camera is irrelevant, as the researchers say any camera that uses weak protocols such as Telnet, FTP or SSDP, and use unencrypted real-time transport (RTP) and real-time streaming protocol (RTSP) to stream video are vulnerable. This research highlights just how important cybersecurity is, especially when it comes to video surveillance. Integrators should check out these cyber dos and don’ts to help adopt better policies and practices to keep customers safe.