Is it a fair assessment to say that virtually anything electronic in nature can be hacked? And when I say electronic, I mean that it has to have some kind of component that connects it to a network or the cloud. Maybe the better word to use is digital. But I’m also thinking about devices, not just systems. If you answered yes to my question, then you won’t be surprised to learn that it’s possible for some body cameras to be hacked, tracked and manipulated. This was revealed by Josh Mitchell, a cybersecurity consultant during Def Con this past weekend.
Mitchell looked at devices produced by five companies — Vievu, Patrol Eyes, Fire Cam, Digital Ally and CeeSc — and found that they all had major security flaws. In four of the models, the flaws could allow a hacker to download footage, edit it and then upload it again without any evidence that this happened. In addition, all five devices had vulnerabilities that could let a hacker track their location or even manipulate their software. Why does this matter? Well, someone could unleash malware to the device, which, potentially could give the hacker access to a police network. And we all know what will happen at that point.
The scary part might be that the devices themselves lacked mechanisms to verify whether recorded footage is intact, or had unsecured wifi access points. This could give away a ton of information about the devices themselves. What’s the big deal? Vulnerabilities in general can be appalling, but once you add in the fact that these are being used by the police, it makes it that much worse. I’m not saying that access to anyone’s devices is “good”, but the role of the police is to protect us. How can they do that, if their software isn’t safe and secure?
This is what Mitchell had to say about it:
“With some of these vulnerabilities — it’s just appalling. These videos can be as powerful as something like DNA evidence, but if they’re not properly protected there’s the potential that the footage could be modified or replaced. I can connect to the cameras, log in, view media, modify media, make changes to the file structures. Those are big issues.”
As Mitchell notes, this is appalling. The findings themselves point to a number of serious flaws that could threaten the integrity of body camera footage. Which then calls into question the integrity of the body cameras themselves. The ACLU is up in arms about this, and they should be. How can we trust the validity of the recordings themselves, if literally anyone with knowledge of hacking can get in there and modify or erase a video? The ACLU suggests that no police equipment should be deployed without proper testing and proper standards. If the equipment doesn’t meet those standards, then it shouldn’t be deployed. They feel that it’s that simple, and I happen to agree with them.
How can we expect fair treatment if the system itself is wide open, from a security perspective? I am not going to suggest that the system itself already isn’t fair, but I think that this definitely throws shade at it. I think that more overhauls need to be made, but if we could start with technology, that would certainly mean progress. What happens from here remains to be seen, but I’m looking forward to finding out what police forces across the country end up doing with this information.