For various reasons, many executives and senior team members with privileged status on the network and/or access to financial assets oftentimes need to access corporate IT systems from a public place outside the office.

What is very common in these types of places is that they’re covered with security cameras. Such devices are a must-have for businesses to protect themselves against burglars. However, these devices do not always work in favor of the privacy or digital security of visitors.

It’s important to recall that security cameras have drastically changed over the years. Back in the days when security cameras were both expensive and recorded images with a low definition quality, they were scarce in most popular locations that are commonly used for casual meetings. But as the newest devices record high-quality images, these security cameras pose a potential threat to business leaders of high value.

Why would a coffee shop’s security cameras be a threat to the CEO who’s having a coffee while logging into their email?

The answer is: because most visitors enter their credentials on their smartphone or laptop are unaware of the potential of their username and password is recorded by the security cameras.

These security cameras are most likely transmitting their video stream over Wi-Fi or Bluetooth back to their recording devices. In this setup, there is a high probability that those cameras and recording devices themselves are connected to the same public Wi-Fi router employed by the business to provide its customers with free Wi-Fi.

Unfortunately, cracking a Wi-Fi connection isn’t always that difficult, as we saw with the KRACK vulnerability less than two years back.

An adversary could use that connection to gain access to the video stream in real time and mount an immediate attack by focusing in on the targeted executive and (Read more...)