In-brief: a California company that makes wearable cameras that are used by law enforcement and the military said a report that it shipped cameras infected with the Conficker virus were “distressing,” but that it was unable to locate the malware on its devices or within its environment.
A California company that makes wearable cameras that are used by law enforcement and the military said a report that it shipped cameras infected with the Conficker virus was “distressing,” but that it has been unable to locate evidence of the malware on its devices or within its environment.
In an e-mail to The Security Ledger, Jason Smith of Martel Electronics, said that an investigation at the Yorba Linda, California firm using “multiple antivirus products” was unable to locate any evidence of the Conficker malware and that “all cameras tested clean.” This, after a report last week from a Florida IT services firm, iPower Technologies, claimed that a batch of wearable cameras shipped from the firm tested positive for Conficker, a seven year-old virus that menaced firms across the globe in 2008 and 2009 before becoming one of many endemic online infections.
According to iPower’s report, technicians ordered two of Martel’s Frontline Camera with GPS at a cost of $499 each. The cameras are marketed and sold to police departments. iPower was contracted to develop a cloud-based video storage system for government agencies and police departments to store and search camera video, the company said.
Get the New 2017 SANS Research Report on 'Threat Hunting' -- Written by experts from the SANS Institute, the survey reveals a number of interesting data points about the challenges and benefits of threat hunting.
[Read more Security Ledger coverage of supply chain issues.]
Upon connecting the shipped cameras to a PC in the company’s lab environment, antivirus software on the iPower PC immediately flagged and quarantined a virus attempting to propagate from the connected camera. Subsequent testing confirmed that “multiple body cameras had been shipped to iPower preloaded with the Win32/Conficker.B!inf worm virus.”
Conficker was first identified in November, 2008 and spread globally by exploiting a vulnerability (MS08-067) in a network service common to Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 Beta. At the time of the discovery, Microsoft had already released an emergency out-of-band patch for the hole, but many Windows systems had not yet been patched. A second variant of Conficker, discovered in December, added the ability to spread via removable media and network shares – a feature that may have allowed it to infect the USB-based Martel cameras, as well.
Martel, based in Yorba Linda, California, is a 58 year-old firm that describes itself as “one of the largest manufacturers of police in-car video systems in America” with cameras in use in nearly “every county” in the U.S. Martel is a GSA-approved contractor and claims to make cameras for the US military and the federal government, as well. The company said it tests every camera for function after it is received from the manufacturer, then formats (or wipes) it prior to shipping, Smith wrote. “We have been selling body cameras for many years now and have never encountered any issues with malware or viruses…Our units are utilized by the U.S. military, so we are extremely careful when it comes to security,” Smith wrote, in response to questions from Security Ledger about the iPower report.
Given its vintage, the Conficker virus would likely be spotted by just about any legitimate antivirus program. Still, viruses could be introduced to the device either at the manufacturer or during configuration and testing prior to shipment.
Virus infections are becoming more common on new devices, pointing to integrity issues in the global supply chain. Just this week, researchers at the firm Cheetah Mobile reported that Android tablets sold through Amazon.com were shipped with a variant of a Trojan horse program dubbed Cloudsota pre-installed. More than 17,000 of the tablets were sold to customers in 153 countries, Cheetah mobile reported. In December, 2014, researchers at Lookout Security wrote about “DeathRing,” a Chinese Trojan that came pre-installed on a number of smartphones popular in Asian and African countries.
Smith of Martel did not respond to a request to provide more detail about the incident or to speculate on how the malicious software infected his company’s wearable body cameras. He stood by Martel’s reputation. “Our units are utilized by the U.S. military, so we are extremely careful when it comes to security. We have been serving law enforcement and the U.S. Military since 1957,” he wrote.