Forescout security researchers have demonstrated an attack on an IP camera that results in fake replay footage being displayed to security operators.
Such an attack might sound like a movie script, but the security researchers have demonstrated that it is actually easy to sabotage a surveillance camera and replace the real-time footage with pre-recorded content.
The attack, Forescout reveals, was carried out in only four simple steps and targeted the unencrypted video streaming protocols of the camera. A video demonstration of the attack was also published.
First, the researchers performed a man-in-the-middle attack on the network, to sniff and change passing traffic, then they started capturing the network traffic containing camera footage and record it for replay.
Next, the researchers forced the camera to end its current session with the associated network video recorder (NVR), to capture the NVR request for a new session and modify the specified client port to send the camera video to it. When the NVR attempts to set up a new connection, the attacker can send the recorded footage to it.
“We replaced the actual video stream with one previously recorded, to simulate what could happen in critical facilities like airports and hospitals, where compromising the video surveillance system may be the first step of a physical intrusion,” the researchers explain.
What makes this attack possible is the use of the unencrypted real-time transport (RTP) and real-time streaming protocol (RTSP) to stream video. Another issue, the researchers say, is that these cameras are typically installed, configured and deployed by personnel with little or no cybersecurity knowledge.
The use ..
Support the originator by clicking the read the rest link below.
