https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/mobile-logo.png
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • Embedded IoT World (Part of DesignCon) 2022
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • Embedded IoT World (Part of DesignCon) 2022
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Metaverse
  • Development
  • Security
ioti.com

Security


Thinkstock

Wikileaks' camera hack disclosure

WikiLeaks discloses CIA IP camera hack

The whistleblower organization’s news that CIA was targeting IP cameras highlights how vulnerable they are to exploits.
  • Written by Brian Buntz
  • 8th August 2017

Many heist movies have a familiar plot device. A savvy criminal team, with an eye on jewels or a bank vault, will identify a surveillance camera guarding their target. They will then devise a plan to spoof camera footage, fooling unsuspecting security guards into believing that everything is normal as the thieves make off with their loot. The basic script is so familiar in the heist genre that it has become a cliché.

But it just so happens that the CIA has used a similar technique, which it code-named Dumbo, according to documents released by WikiLeaks. The Dumbo instruction manual explains that, before the spy agency sends a team of officers into a building, they can shut off Internet Protocol (IP) cameras or microphones within, corrupt video footage or “deter home security systems that may identify officers or prevent operations.” The last of the files on the WikiLeaks website relating to the IP camera hack date from July 2015 while the earliest documents are from 2012.

It is not the first IoT-related exploit that WikiLeaks has recently released related to the CIA. Earlier this year, the whistleblower agency released a trove of other files purportedly from the CIA, including malware known as Weeping Angel that gives intelligence officials the ability to secretly listen to the microphone found within Samsung smart TVs. The documents for both the Dumbo and Weeping Angel exploits explain that a USB thumb drive is required to launch the attacks.

[IoT Security Summit, co-located with Blockchain360 and Cloud Security Summit, explores how industry-wide security, privacy and trust can be established to unlock the full potential of IoT. Get your ticket now.]

Earlier, WikiLeaks announced it had posted a CIA document dating from 2014 mentioning the agency’s intent to potentially target vehicles, industrial control systems and, more broadly, “The Things in the Internet of Things.”

It’s perhaps not surprising that the CIA would develop exploits for IP cameras. Security experts have been working on IP camera hacks for years.

In 2013, Craig Heffner, a security researcher who formerly worked at the National Security Agency found vulnerabilities in IP cameras from a range of vendors. “It’s a significant threat,” he told Reuters. “Somebody could potentially access a camera and view it. Or they could also use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems.”

Two years later, independent cybersecurity engineers Van Albert and Zach Banks demonstrated at the Defcon security conference how they were able to loop surveillance cameras hooked up to an Ethernet cable.

IP cameras, along with routers and DVRs, were also one of the most common types of devices behind the 2016 Mirai botnet, which caused significant internet outages in the United States and Europe.

Tags: Article Security Technologies News

Related


  • Image shows IoT (Internet of Things) concept.
    IoT Product Roundup: Amazon, Synaptics, Urban Control and More
    The latest new Internet of Things products
  • Image shows an illuminated laptop computer in the dark
    ScaleUp AI 2022: Hackers Using AI to Penetrate Defenses
    SentinelOne unearths Russian-linked Wiper Attacks targeting satellite internet modems
  • Google Cloud Buys the ‘Navy Seals of Cybersecurity’
    Acquisition of Mandiant boosts competitiveness vs. Azure, AWS
  • Image shows a digital security concept
    IoT Devices Most Vulnerable to Internal Security Threats
    Insider cybersecurity threats are on the rise and Iot devices are at the greatest risk

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • Company Sets New Standards for IoT Device Security
  • DigiCert Acquires Mocana to Expand IoT Cybersecurity Presence
  • Thrive Managed Services Acquires InCare Technologies, Plans US Expansion
  • IoT Security Firm to Acquire Medical Security Startup

Roundups

View all

IoT Product Roundup: PTC, Nokia, Arm and More

19th May 2022

IoT Deals, Partnerships Roundup: Intel, Nauto, Helium and more

14th May 2022

IoT Product Roundup: Amazon, Synaptics, Urban Control and More

27th April 2022

White Papers

View all

The Role of Manufacturing Technology in Continuous Improvement Ebook

6th April 2022

IIoT Platform Trends for Manufacturing in 2022

6th April 2022

Latest Videos

View all
Dylan Kennedy of EMQ

Embedded IoT World 2022: Dylan Kennedy of EMQ

Dylan Kennedy, EMQ’s VP of global operations, sat down with Chuck Martin at Embedded IoT World 2022.

Embedded IoT World 2022: Omdia’s Sang Oh Talks Vehicle Chip Shortage

Omdia’s automotive semiconductor analyst sits down with Chuck Martin at this year’s event

E-books

View all

How Remote Access Helps Enterprises Improve IT Service and Employee Satisfaction

12th January 2022

An Integrated Approach to IoT Security

6th November 2020

Webinars

View all

Rethinking the Database in the IoT Era

18th May 2022

Jumpstarting Industrial IoT solutions with an edge data management platform

12th May 2022

AI led Digital Transformation of Manufacturing: Time is NOW

9th December 2021

Special Reports

View all

Omdia’s Smart Home Market Dynamics Report

7th January 2022

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

IoT Security Best Practices for Industry and Enterprise

20th October 2020

Twitter

IoTWorldToday, IoTWorldSeries

Explore Emerging Tech For Enterprises at @TechXLR8 2022 this June ➡️ Join us from 1-3 June in harnessing the pow… twitter.com/i/web/status/1…

24th May 2022
IoTWorldToday, IoTWorldSeries

Clearview AI has been fined $9.4 million for collecting images of people from social media platforms to add to its… twitter.com/i/web/status/1…

24th May 2022
IoTWorldToday, IoTWorldSeries

Swiss-startup Airyacht is developing an eponymously named vehicle that it says will take the luxury-yacht experienc… twitter.com/i/web/status/1…

23rd May 2022
IoTWorldToday, IoTWorldSeries

@Tesla’s #Autopilot being investigated once again following fatal crash in Newport Beach, California. iotworldtoday.com/2022/05/23/tes…

23rd May 2022
IoTWorldToday, IoTWorldSeries

A new Kansas law will enable #driverless deliveries from @Walmart and its partner @Gatik_AI. #AVs… twitter.com/i/web/status/1…

23rd May 2022
IoTWorldToday, IoTWorldSeries

Access a world of opportunity in 2022 with @IoTWorldToday ➡️ Now is time to unlock ROI, by accessing a global com… twitter.com/i/web/status/1…

23rd May 2022
IoTWorldToday, IoTWorldSeries

3D Home Printer to Build 72 Residences for National Homebuilder dlvr.it/SQhWSF https://t.co/XJOs70DqzH

19th May 2022
IoTWorldToday, IoTWorldSeries

Microsoft Ramping up Cybersecurity Service Offerings dlvr.it/SQhPR0 https://t.co/nYzaDRnyVY

19th May 2022

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X