Police body cameras are riddled with security vulnerabilities that could allow a hacker to remotely tweak or delete footage, track the cops wearing them or weaponize the bodycam by installing malware such as ransomware that could be spread to other devices in a police station.
Josh Mitchell, aka @bx_lr, a consultant at the security firm Nuix, pointed out a plethora of critical security issues with police body cameras during his presentation at Def Con. After analyzing bodycams by Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc, Mitchell called some of the vulnerabilities, which could be remotely exploited, “appalling.”
“These videos can be as powerful as something like DNA evidence, but if they’re not properly protected there’s the potential that the footage could be modified or replaced,” Mitchell told Wired. “I can connect to the cameras, log in, view media, modify media, make changes to the file structures. Those are big issues.”
All the body cameras except CeeSc have a Wi-Fi radio and broadcast unencrypted identifying information about the devices. An attacker with a long-range antenna could track the cops wearing the bodycams. And that goes beyond tracking the location of a single officer: multiple cameras being activated at the same time could potentially warn the attacker that cops were coordinating a raid.
The Vievu and Patrol Eyes models that Mitchell analyzed could generate their own Wi-Fi access points. Sadly, these were not properly secured to prevent other devices from connecting to the camera’s private network.
Mitchell found flaws in all five bodycams, ranging from the lack of digital code-signing to relying on easy-to-find default credentials. This opens the door to evidence tampering. An attacker, for example, could connect to the bodycam and manipulate or even delete video footage.
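One way to make the footage tampering described above detectable, shown as an added example that is not from Mitchell's research or any vendor's firmware: a keyed hash chain over the clips, with the final tag (`head`) recorded off the camera. The key, clip names and contents are constructed, and HMAC stands in here for a signature made with a device-protected key.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32
KEY = b"constructed-demo-key"  # constructed; stands in for a device-protected key
CLIPS = [("clip_0001.mp4", b"frames-A"),  # constructed clip names and contents
         ("clip_0002.mp4", b"frames-B"),
         ("clip_0003.mp4", b"frames-C")]

def _tag(key, prev, name, digest):
    # Length-prefix the name so the MAC input parses only one way.
    raw = name.encode()
    msg = prev + len(raw).to_bytes(4, "big") + raw + digest
    return hmac.new(key, msg, hashlib.sha256).digest()

def seal(key, clips):
    """Chain clips in recording order; return (manifest, head)."""
    manifest, prev = [], GENESIS
    for name, data in clips:
        digest = hashlib.sha256(data).digest()
        prev = _tag(key, prev, name, digest)
        manifest.append({"name": name, "sha256": digest, "tag": prev})
    return manifest, prev

def verify(key, manifest, head, clips):
    """Return findings; an empty list means footage and manifest agree."""
    findings, prev, stored = [], GENESIS, dict(clips)
    for e in manifest:
        if not hmac.compare_digest(_tag(key, prev, e["name"], e["sha256"]), e["tag"]):
            findings.append(f"manifest entry forged or out of order: {e['name']}")
        data = stored.pop(e["name"], None)
        if data is None:
            findings.append(f"clip missing: {e['name']}")
        elif hashlib.sha256(data).digest() != e["sha256"]:
            findings.append(f"clip modified: {e['name']}")
        prev = e["tag"]
    if not hmac.compare_digest(prev, head):
        findings.append("manifest does not end at the recorded head")
    findings.extend(f"unlisted clip: {name}" for name in stored)
    return findings

if __name__ == "__main__":
    manifest, head = seal(KEY, CLIPS)
    edited = [CLIPS[0], ("clip_0002.mp4", b"frames-X"), CLIPS[2]]
    print(verify(KEY, manifest, head, edited))
```

Because `head` lives outside the camera, deleting the newest clip together with its manifest entry still fails verification, and a manifest rebuilt without the key fails on every entry.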
Wired consulted ACLU Senior Policy Analyst Jay Stanley, who said, “The fact that some law enforcement evidence-collecting devices can be hacked evokes some true nightmare scenarios.” He suggested that if the bodycams don’t have strong security standards, then the devices should not be used.
The failure to cryptographically sign firmware updates means cops’ bodycams could even be used as an attack vector.
Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then, when the camera connects to a PC for syncing, it could deliver all sorts of malicious code: a Windows exploit that could ultimately allow an attacker to gain remote access to the police network, ransomware to spread across the network and lock everything down, a worm that infiltrates the department’s evidence servers and deletes everything, or even cryptojacking software to mine cryptocurrency using police computing resources.
Mitchell did tell the vendors about the issues and he hopes that fixes for all the flaws will be deployed. “These are full-feature computers walking around on your chest, and they have all of the issues that go along with that,” Mitchell warned.