Hackers can turn network cameras, microphones on you

Do you have a microphone or video camera connected to your computer or network? If you value your privacy, turn those devices off, a top Army computer protection official warned today.

Philip Loranger, chief of the Command and Control Protect Division in the Army's Information Assurance Office, demonstrated how anyone can attack a network and turn on any camera or microphones connected to that network with what he called "not very sophisticated hacker tools'' downloaded from the Internet.

Loranger, who conducted an attack on a dial-up military network in Columbia, Md., from an Association of U.S. Army Information Assurance symposium in Falls Church, Va., said the .mil system he managed to penetrate—and whose identity he would not disclose—did not have any intrusion-detection system despite the spurt of recent publicity about an increase in hacker attacks. Using "point and click'' hacker tools, Loranger said he cracked three out of seven passwords on the system.

Once inside the network, Loranger said he then probed the network and discovered a "read/write password file'' that allowed him to delete the "super-user'' password, allowing him to create a super-user password for himself, giving him free reign over the system. Loranger said this then allowed him to search the system for any microphones or cameras connected to it and then turned them on. "I can capture conversations and bring them back to my own computer,'' Loranger said, "and I can turn on video cameras and bring pictures back.''

The Army conducted this "white-hat attack'' after warning the target facility to expect it, Loranger explained, but the lack of intrusion-detection devices did not provide the system's users with any warning "until I launched a denial-of-service attack and brought the system down.''

Loranger said he conducted the demonstration to emphasize that hackers use information warfare attacks to do more than just cripple computers or steal information located on the network. The networks also can serve as real-time windows into the physical world outside the network.

Featured

  • Defense
    concept image of radio communication (DARPA)

    What to look for in DOD's coming spectrum strategy

    Interoperability, integration and JADC2 are likely to figure into an updated electromagnetic spectrum strategy expected soon from the Department of Defense.

  • FCW Perspectives
    data funnel (anttoniart/Shutterstock.com)

    Real-world data management

    The pandemic has put new demands on data teams, but old obstacles are still hindering agency efforts.

Stay Connected