Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible, though the Digital Ally models are the least bad of the batch, as Wired's Lily Hay Newman reports.
All the devices use predictable network addresses that can be used to remotely sense and identify the cameras when they switch on. Attackers could pinpoint intense police activity by watching for groups of cameras that all switch on at the same place and time.
None of the devices use code-signing, making them typical of garbagey Internet of Shit devices. That means that attackers can slip arbitrary code into them. And none of them cryptographically sign the video they take, which would be a relatively strong way of detecting tampering by police officers, their departments, or criminals.
There's tons more. Some of the devices can form ad-hoc wifi networks to bridge in other devices, but they don't authenticate these sign-ons, so you can just connect with a laptop and start raiding the network for accessible filesystems and gank or alter videos, or just drop malware on them.
Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then, when the camera connects to a PC for syncing, it could deliver all sorts of malicious code: a Windows exploit that could ultimately allow an attacker to gain remote access to the police network, ransomware to spread across the network and lock everything down, a worm that infiltrates the department's evidence servers and deletes everything, or even cryptojacking software to mine cryptocurrency using police computing resources. Even a body camera with no Wi-Fi connection, like the CeeSc, can be compromised if a hacker gets physical access. "You know not to trust thumb drives, but these things have the same ability," Mitchell says.
"The fact that some law enforcement evidence-collecting devices can be hacked evokes some true nightmare scenarios," says Jay Stanley, senior policy analyst at the American Civil Liberties Union. "If there aren't reliable ways of ensuring that such equipment meets strong security standards, then something is deeply broken. No police equipment should be deployed that doesn't meet such standards."
Police Bodycams Can Be Hacked to Doctor Footage [Lily Hay Newman/Wired]