Given how insecure IP cameras are, it is absolutely no surprise that the CIA has a number of tools and techniques to disable them when conducting operations. Over the past year, we have seen how many surveillance cameras are using default passwords, sending credential in-the-clear (unencrypted) over networks, running with buggy software, communicating to 3rd party destinations, and using insecure wireless connections. Some initial steps have been taken in the aftermath of the Mirai botnet and others like it, but there is much more that must be done holistically to lock down IP cameras.

CIA Can Disable Security Cameras During Operations!-cia-can-disable-security-cameras.jpg

I can only imagine creating the tools to disable these systems is likely child’s-play for the technical support teams of the CIA. Perhaps the role was assigned to interns or a junior team, hence the name. The release of project “Dumbo” by WikiLeaks has given a glimpse of what can be accomplished by field personnel who don’t want digital traces of them left behind.

Dumbo can corrupt video recordings as well as manipulate monitoring systems controlled by computers, such as microphones and cameras. Its purpose is simple. It is a field operators tool to tamper or destroying evidence of their activities. Everything needed is stored neatly on a USB stick.

Spy services like the CIA must operate in a modern world, where everyone has the ability to digitally lookup, track, record, and communicate. Meeting in the shadows and fake identities are no longer durable means of remaining secretive. This is the new playing field. If the CIA has such tools, I would expect the top 20 or so international spy agencies to also have similar capabilities to erase video footprints in the cyber world.

Interested in more? Follow me on LinkedIn, Twitter (@Matt_Rosenquist), Information Security Strategy, and Steemit to hear insights and what is going on in cybersecurity.