Israeli cyber experts: WikiLeaks CIA papers don’t show the half of it

Top security chiefs say the cyber threat online was much greater than that shown by leaked CIA papers on WikiLeaks

Israel has become a world leader in countering cyber attacks

Israeli cyber-security experts have said the CIA documents on WikiLeaks don’t show the half of how your computers and TVs can be hacked.

Professor Ofer Hadar, chair of the Department of Communications Systems Engineering at Ben-Gurion University in the Negev, said the threat was actually much greater than that shown by the leaked papers.

This week’s WikiLeaks dump revealed that spies at the Central Intelligence Agency in the U.S. can hack into smart TVs and covertly record conversations, even when the TV appears to be turned off. But Hadar said hacking techniques go much further.

“Any video or picture downloaded or streamed by a user is a potential vehicle for a cyber-attack,” he said. “Hackers like videos and pictures because they bypass the regular data transfer systems of even secure systems and there is a lot of space to implant malicious code.”

Video and picture downloads and video streaming now account for around 50 percent of internet traffic, and this is expected to rise to around two-thirds of all web traffic by 2020.

Hadar said his team had developed “a multi-vector series of algorithms” to prevent attackers from hacking through videos or pictures, and that this “can be implemented without decreasing run-time and with minimum impact on the image”. It has been nicknamed the Coucou project.

The team’s methods are based on steganography – the practice of concealing a file, message, image, or video within another file, message, image or video – in the compressed domain. Hadar has been part-funded by the Israeli state.

Once it has been planted on the victim’s servers or hosts, the malware embeds the victim’s classified information into the uploaded content, making it accessible to the attacker, who can then download the infected content and extract the information. Attackers can also upload infected content to a social network or any other server, where the malware extracts the shell code and executes it.

“When considering future applications of our product, we envision covert channel and protection applications and anticipate that the technique will be used by firewall and antivirus companies,” said Hadar.
