Blog

No items found.

Smile! You're on camera

Smile! You're on cameraDefault blog imageDefault blog image
13
Feb 2017
13
Feb 2017

Every day, we’re surrounded by cameras and microphones. It’s not just those on our smartphones and laptops anymore. It’s smart TVs, CCTV cameras, conferencing systems, and virtual assistants like Amazon’s Alexa. Many of these devices are recording even when you think they’re off, so they collect audio and video footage 24/7.

Unfortunately, these are among the most vulnerable devices in the IT world. The Mirai botnets responsible for the largest DDoS attack in history have reportedly taken control of 300,000 devices worldwide. Most of them are cameras and video recording equipment.

So why is video equipment so vulnerable? In short, they were manufactured for mass production, and quick time-to-market, not security. After the Dyn DDoS attack, Chinese company Xiongmai vowed to recall up to 10,000 webcams. Devices like these use default usernames and passwords like “admin” and “password”. And in many cases, they’re designed so that users can’t change the password.

The scale of this vulnerability is giving way to a new threat type: ambient surveillance, where you are potentially watched all the time as you move around the world.

But this begs the question: who would want to do such a thing? What would they have to gain by listening to my meetings for hours? Why would a hacker want to watch my face staring at a computer screen?

Because it’s profitable. The rapid development of AI means that ambient surveillance is increasingly becoming a viable way to penetrate business environments and engage in corporate espionage and ambient data theft.

In the past, attackers would have to go through victims’ video or audio footage manually to look for something of value. But AI techniques will automate the process. Attackers will be able to train malicious software to know what to look for – to understand what it hears and sees. In other words, infected machines will be able to sift through all the boring stuff to find the diamond in the rough – recognizing faces, images, and words along the way.

Without disrupting normal functions, conferencing systems could quietly listen and extract the most valuable information, like discussions of illegal activity, quarterly earnings, negotiations, or prep for M&A.

This isn’t just a hypothetical. Recently, Darktrace observed a law firm’s video-conferencing unit behaving strangely. It was transmitting large volumes of data to rare external IPs. The camera was being accessed remotely, allowing the attacker to essentially live stream images and sound. The worst part?

The conference room was used for the most important board and customer meetings. Sensitive information was discussed daily, and the attacker had access to all of it.

This case involved sending large streams of data to the attacker’s server. But soon, cyber-attacks will only send back the most relevant information. By leaking only tiny fragments, these attacks will be much harder to detect.

In the movies, we see gangsters and spies lock their phones away before discussing sensitive topics. But in an era of widespread IoT we need to do something cleverer than hiding from our devices. Ambient surveillance is just one of many new techniques that modern attackers will add to their arsenal.

Like this and want more?

Receive the latest blog in your inbox
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
INSIDE THE SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
AUTHOR
ABOUT ThE AUTHOR
Dave Palmer
Advisor
USE CASES
No items found.
PRODUCT SPOTLIGHT
No items found.
COre coverage
No items found.

Related Articles

No items found.

Good news for your business.
Bad news for the bad guys.

Start your free trial

Start your free trial

Flexible delivery
You can either install it virtually or with hardware.
Fast install
Just 1 hour to set up – and even less for an email security trial.
Choose your journey
Try out Self-Learning AI wherever you most need it — including cloud, network or email.
No commitment
Full access to the Darktrace Threat Visualizer and three bespoke Threat Reports, with no obligation to purchase.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get a demo

Flexible delivery
You can either install it virtually or with hardware.
Fast install
Just 1 hour to set up – and even less for an email security trial.
Choose your journey
Try out Self-Learning AI wherever you most need it — including cloud, network or email.
No commitment
Full access to the Darktrace Threat Visualizer and three bespoke Threat Reports, with no obligation to purchase.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.