Police body cameras are riddled with security vulnerabilities that could allow a hacker to remotely tweak or delete footage, track the cops wearing them, or weaponize the bodycam by installing malware such as ransomware that could be spread to other devices in a police station.Josh Mitchell, aka @bx_lr, a consultant at the security firm Nuix, pointed out a plethora of critical security issues with police body cameras during his presentation at Def Con. After analyzing bodycams by Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc, Mitchell said some of the vulnerabilities that could be remotely exploited were appalling.\u201cThese videos can be as powerful as something like DNA evidence, but if they\u2019re not properly protected, there\u2019s the potential that the footage could be modified or replaced,\u201d Mitchell told Wired. \u201cI can connect to the cameras, log in, view media, modify media, make changes to the file structures. Those are big issues.\u201dAll the body cameras except CeeSc have Wi-Fi radio, and they broadcast unencrypted identifying information about the devices. An attacker with a long-range antenna could track the cops wearing the bodycams. And that doesn\u2019t mean track the location of a single officer, as multiple cameras being activated at the same time could potentially warn the attacker that cops were coordinating a raid.The model of Vievu and Patrol Eyes cams that Mitchell analyzed could generate their own Wi-Fi access points. Sadly, they were not secured properly to prevent other devices from connecting to the camera\u2019s private network.Mitchell found flaws in all five bodycams, ranging from the lack of digital code-signing to relying on easy-to-find default credentials. This opens the door to evidence tampering. An attacker, for example, could connect to the bodycam and manipulate or even delete video footage.Wired consulted ACLU Senior Policy Analyst Jay Stanley, who said, \u201cThe fact that some law enforcement evidence-collecting devices can be hacked evokes some true nightmare scenarios.\u201d He suggested that if the bodycams don\u2019t have strong security standards, then the devices should not be used.Attackers could infect bodycams with malwareThe failure to cryptographically sign firmware updates means cops\u2019 bodycams could even be used as an attack vector.Wired reported:Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras. Then, when the camera connects to a PC for syncing, it could deliver all sorts of malicious code: a Windows exploit that could ultimately allow an attacker to gain remote access to the police network, ransomware to spread across the network and lock everything down, a worm that infiltrates the department's evidence servers and deletes everything, or even cryptojacking software to mine cryptocurrency using police computing resources.Mitchell told the vendors about the issues, and he hopes that fixes for all the flaws will be deployed.\u201cThese are full-feature computers walking around on your chest, and they have all of the issues that go along with that,\u201d Mitchell warned.