With this new technology, anyone can rob casinos and become a multi-millionaire like George Clooney and his team in Ocean’s 11, 12, and 13.
At the most recent DefCon conference, a new hack was demonstrated, that involves hijacking IP video streams and seamlessly replacing them with new content. Basically they showed how Danny (George Clooney) and Rusty (Brad Pitt) were able to replace the video steam in the Bellagio’s vault to show them stealing “money” in Ocean’s 11. This new hack allows anyone to gain access to an IP video surveillance feed and to see exactly what the camera is seeing. But the key to this hack is that it not only lets you see whats going on, it lets you replace the footage with whatever you want, fooling the actual security guards into thinking that absolutely nothing is happening when you are in their vault. Or, as in Ocean’s 11, the crew fools Benedict into thinking that people are stealing his money from his vault when they are really outside waiting for a squad truck to come bring them to their airplane.
Experts at the conference warned that most enterprises don’t have the tools necessary to prevent these attacks. The need for better security has increased as the popularity of IP video streams skyrocketed in the past few years. For example, Dallas Cowboys Stadium just installed over 3000 of these video cameras. An official at the conference said that “depending on how the network is configured, an attacker might be able to plug into the Ethernet jack in one of the Dallas Cowboys Stadium’s luxury boxes and conduct an attack.”
Hollywood heists may paint a glamorous picture of what these kinds of hacks can result in, but the reality is that instead of ending up sitting in first class eating caviar, you will be sitting in a grimey, smelly, sticky, and rather unpleasant jail cell waiting for your one phone call.
(via Privacy Digest)