NVR4108-4KS Recordings Paused by Thieves

J Sigmo · Jan 19, 2019

I'm not saying this was a clever attack on the security camera systems in this case.

But keep in mind that the car thieves themselves wouldn't have to be the brains behind a program and hardware that could disable camera systems any more than they would have to have invented the systems to defeat the car lock systems. They would simply buy or otherwise obtain that technology and use it.

I wouldn't have to design and build my own air rifle to use one, or design and build my own battery powered angle grinder to use one of them to cut locks, etc.

So the real question is: Has someone or some group built a tool that can easily and quickly disable security camera systems in an area such that crooks now have access to that technology?

I am skeptical. But who knows? This is an interesting thread.

fenderman · Jan 19, 2019

J Sigmo said:
I'm not saying this was a clever attack on the security camera systems in this case.

But keep in mind that the car thieves themselves wouldn't have to be the brains behind a program and hardware that could disable camera systems any more than they would have to have invented the systems to defeat the car lock systems. They would simply buy or otherwise obtain that technology and use it.

I wouldn't have to design and build my own air rifle to use one, or design and build my own battery powered angle grinder to use one of them to cut locks, etc.

So the real question is: Has someone or some group built a tool that can easily and quickly disable security camera systems in an area such that crooks now have access to that technology?

I am skeptical. But who knows? This is an interesting thread.

I know. It NEVER happened. Please...it amazing how silly folks can get.

mat200 · Jan 19, 2019

J Sigmo said:
..
So the real question is: Has someone or some group built a tool that can easily and quickly disable security camera systems in an area such that crooks now have access to that technology?
..

As remote as the chances maybe, I think this is a possibility, as the thieves are already using a tool they did not create themselves ( the relay attack ) - but probably purchased it from an Eastern European developer.

Remember a lot of the "script kiddies" who use cyberattacks do not know how to create the tools, only how to use them.

I doubt the foot soldiers of this criminal gang have that level of know how.

What sort of "tool" would this be?
1) Checks for local wifi networks - disrupts or attempts to break in to local network.
2) If able to jump on to the wifi network, sends some sort of DOS attack against know security systems.
( recall the microsoft windows OS "ping of death" - which was super easy to do if you knew what parameter to pass )

I just need to force a reboot to provide a couple of minutes of a blackout for their typical "scan, relay, and drive off"

J Sigmo · Jan 19, 2019

fenderman said:
I know. It NEVER happened. Please...it amazing how silly folks can get.

I think you're right.

But my point is that arguments that "the car thieves would have had to design such a system, and therefore, it seems implausible" are not relevant. The car thieves themselves are not likely to have invented any of the tools they employ.

J Sigmo · Jan 19, 2019

mat200 said:
As remote as the chances maybe, I think this is a possibility, as the thieves are already using a tool they did not create themselves ( the relay attack ) - but probably purchased it from an Eastern European developer.

Remember a lot of the "script kiddies" who use cyberattacks do not know how to create the tools, only how to use them.

I doubt the foot soldiers of this criminal gang have that level of know how.

That is precisely my point.

fenderman · Jan 19, 2019

J Sigmo said:
I think you're right.

But my point is that arguments that "the car thieves would have had to design such a system, and therefore, it seems implausible" are not relevant. The car thieves themselves are not likely to have invented any of the tools they employ.

There is no tool that will automatically disable/reboot an nvr with the click of a button.

J Sigmo · Jan 19, 2019

fenderman said:
There is no tool that will automatically disable/reboot an nvr with the click of a button.

And a few years ago, the relay attack tool didn't exist.

fenderman · Jan 19, 2019

J Sigmo said:
And a few years ago, the relay attack tool didn't exist.

You are misunderstanding, its an impossibility. It can never exist. Because it would require that this magic tool have access to the network, which it does not have and cannot have. To top it of, there is no reason for it. All they need to do is cover their faces, the neighbors cameras are not picking anything up. Its an unnecessary step.

J Sigmo · Jan 19, 2019

Again: I'm not saying this really happened.

I'm just saying that the argument saying that the thieves themselves had to have designed such a tool are irrelevant.

J Sigmo · Jan 19, 2019

fenderman said:
You are misunderstanding, its an impossibility. It can never exist. Because it would require that this magic tool have access to the network, which it does not have and cannot have.

I hope you're right, of course.

But you are missing what I'm saying.

My post was a reply to the posts above it implying that the thieves themselves had to have designed the tool. That's clearly not the case regardless.

fenderman · Jan 19, 2019

J Sigmo said:
Again: I'm not saying this really happened.

I'm just saying that the argument saying that the thieves themselves had to have designed such a tool are irrelevant.

There is and cannot be such a tool. And as noted, there is no benefit to them of going through this extra step. Just cover their faces. Done.

J Sigmo · Jan 19, 2019

Sigh.

fenderman · Jan 19, 2019

Kendive said:
Nope but if you have a bunch of wireless cameras. I could build a jammer that would work quite well at disabling them. Now of course this would be illegal to do but if you are already planning to break the law who cares... LOL

The OP did not have wifi cameras and alleges the NVR was disabled and then rebooted. No jammer can do that.

fenderman · Jan 19, 2019

J Sigmo said:
Sigh.

yes sigh...its amazing what folks will tell themselves.

J Sigmo · Jan 19, 2019

fenderman said:
There is and cannot be such a tool. And as noted, there is no benefit to them of going through this extra step. Just cover their faces. Done.

That's a good point that all of us security camera folks need to keep in mind.

No matter how sophisticated our camera systems are, it only takes a hoodie and some dirt on (or stolen) license plates to thwart identification, anyhow.

You don't need to be Al Mundy to successfully burglarize the typical target.

alastairstevenson · Jan 19, 2019

fenderman said:
The OP did not have wifi cameras and alleges the NVR was disabled and then rebooted. No jammer can do that.

Agreed - but, knowing (not just from personal experience) how weak some routers/APs are at handling traffic on their switch ports ...
I could imagine a WiFi disruptor spewing de-auth and other disrupting packets such as frequent auth requests sufficient to cause a low-end router to not pay much attention to its switch traffic such that the NVR suffers camera disconnects. A bit of a stretch, but within the bounds of possibility.
Simpler than gaining access to the WiFi - in effect a DDOS.

But @aabs never answered my question about whether that camera traffic to the NVR was passing through the router.
Without that, such a scenario is invalid.

fenderman · Jan 19, 2019

alastairstevenson said:
Agreed - but, knowing (not just from personal experience) how weak some routers/APs are at handling traffic on their switch ports ...
I could imagine a WiFi disruptor spewing de-auth and other disrupting packets such as frequent auth requests sufficient to cause a low-end router to not pay much attention to its switch traffic such that the NVR suffers camera disconnects. A bit of a stretch, but within the bounds of possibility.
Simpler than gaining access to the WiFi - in effect a DDOS.

But @aabs never answered my question about whether that camera traffic to the NVR was passing through the router.
Without that, such a scenario is invalid.

grasping at straws. They would also need to be within range of the router to initiate such an attack presumable within range of someones video cams. Also such an attack would not reboot the NVR. I will personally send you a bricked hik to play with if this is ever proven to be the case.

alastairstevenson · Jan 19, 2019

fenderman said:
grasping at straws.

Yes, agreed.
A most unlikely scenario. But stranger things etc ...

The relay/booster method for circumventing keyless / secure car activators would have seemed most unlikely a while back.
But some smart people did what was thought not possible, and the crooks can use it.

alastairstevenson · Jan 19, 2019

fenderman said:
I will personally send you a bricked hik to play with if this is ever proven to be the case.

That's one of my favourite activities.
But, unfortunately, they seem quite scarce. At least on ebay.co.uk and gumtree.co.uk

tangent · Jan 19, 2019

You'd think that a security camera or NVR might have a watchdog timer. If the system locks up for more that some about of time and the WDT trips it would reboot itself. 15 Minutes seems like a fairly long time to set a watchdog for. Has anybody ever had a camera or nvr that was tripping a watchdog timer?

Search

NVR4108-4KS Recordings Paused by Thieves

J Sigmo

Known around here

fenderman

mat200

J Sigmo

Known around here

J Sigmo

Known around here

fenderman

J Sigmo

Known around here

fenderman

J Sigmo

Known around here

J Sigmo

Known around here

fenderman

J Sigmo

Known around here

fenderman

fenderman

J Sigmo

Known around here

alastairstevenson

fenderman

alastairstevenson

alastairstevenson

tangent