UK Network Security Company Warns of Issues with Wireless CCTV Cameras

Jan. 13, 2005
Signal interception, denial of service attacks cited as threats by security testing specialist at NTA Monitor Ltd.

Corporations protected by Wireless CCTV cameras are in danger of Denial of Service (DoS) and signal interception attacks, warns G. Chim of Internet security testing specialist, NTA Monitor Ltd.

Currently, 99 percent of wireless CCTV cameras utilize generic/analogue technology without encryption and transmit signals on frequencies between 2.4 Ghz - 2.4835 Ghz, the same frequency as microwave and normal wireless networking devices. All that is required for a successful DoS attack is a device that transmits on the same frequency, with a greater power source, which will disrupt the CCTV transmission.

Intercepting the signal is also easy and can be done by using an ICOM frequency scanner. Once a CCTV camera is disabled, an attacker can gain entry, undetected, into an organization's building and simply steal the hard drive of a server.

Just as susceptible to interception are intelligent/digital 802.11 systems, which currently account for 1% of the wireless CCTV camera market. Despite using 802.11 64/128/256 bit WEP encryption, the system vulnerabilities are the same as for 802.11 networking. By intercepting wireless 802.11 packets, images can be read and user names/passwords can be used to send images to a server on the network that can be intercepted. By monitoring sufficient traffic it should be possible to recover the encryption keys and perform an attack.

An intruder can also disarm the CCTV monitoring system by simply using a low power electronic PDA or laptop with a wireless card. If the attacker targets the CCTV server the whole wireless CCTV network can be brought down by a DoS attack.

Roy Hills, Technical Director, NTA Monitor comments: "30 percent of CCTV cameras in the UK are now wireless and organizations need to be aware that this type of outside building security is not a panacea.

"Unfortunately, wireless system traffic can always be intercepted whether it uses encryption or not. However, owners of intelligent/digital 802.11 systems can use the same protection as a normal computer wireless network such as MAC Filtering, IP Filtering and Intrusion Detection Systems. All of these make system exploitation harder and increase the chances of being able to detect attacks.

"Until there are water-tight preventative methods that address the threat of DoS and signal interception attacks, we would recommend businesses use wired CCTV cameras for building surveillance."