Police issue warning after cameras at women’s apparel shop hacked

‘Assume every camera on a network can be hacked,’ cautioned the police cybercrimes unit.

Police cyber crime unit (photo credit: POLICE SPOKESPERSON'S UNIT)
Police cyber crime unit
(photo credit: POLICE SPOKESPERSON'S UNIT)
A viral Peeping Tom who hacked into the closed-circuit TV surveillance camera at a women’s bathing suit shop has led to a warning from the Israel Police Cybercrimes Unit that similar systems may be compromised and violate the privacy of unsuspecting persons.
According to police, an unidentified 41-year-old man was arrested on Wednesday after he allegedly used his computer to hack into the CCTV system at a high-end boutique in northern Tel Aviv and recorded customers as they undressed and tried on bathing suits.
While details of the incident remain unclear due to a gag order, police said the suspect subsequently posted the videos to a social media page.
“When the footage became public earlier this week, the national Cybercrimes Unit opened an investigation and arrested the suspect on Wednesday,” said police spokesman Micky Rosenfeld, adding that a Tel Aviv Magistrate’s Court judge ordered the suspect be remanded through Sunday.
Following the hacking, the Cybercrimes Unit recommended a number of preventive measures that should be taken by the public and by store owners to protect their privacy in similar situations.
“Take into account and assume that every camera that is on a network system can be hacked,” the unit warned in a statement. “Therefore, clothing store owners should ensure no cameras are placed in changing rooms or other sensitive locations.”
Additionally, the unit recommended that those who implement CCTV systems use complex passwords for accessing surveillance footage to make it difficult to hack into such video, and not connect the network systems used by the cameras to a public computer.
According to cyber-researchers at Ben-Gurion University of the Negev in Beersheba, security cameras infected with malicious software can use infrared light to receive covert signals and leak sensitive information.
The technique, called “aIR-Jumper,” also enables the creation of bidirectional covert optical communication between air-gapped internal networks that are isolated and disconnected from the Internet without remote access to the organization.