In the physical security industry, we are pretty good at anticipating new physical security threats and adding another layer of security to protect ourselves. It is curious therefore, that we have been so slow to react to the clear and present threat of cybersecurity attacks. We all know that IP networks are a powerful platform for hosting our surveillance systems. It’s time to turn to automation and artificial intelligence to get ahead of the cybersecurity threats and address best practices in a sustainable, scalable way.
The security of the security of every organization needs attention immediately. What has become obvious in the last year is that simple devices such as security cameras must be installed and administered with cybersecurity in mind. If not, they can become huge risks to the company they are supposed to protect.
So far, the camera attacks have been focused on disrupting the business of those other than the camera owner. With code floating around the Internet that breaks into poorly protected cameras, how long will it be before hackers modify that code to attack the camera’s owner?
Top 6 measures to take now
Fortunately, while the risks are real, there are simple things that can substantially reduce cyber-attack exposure. Here are the top measures to take to avoid cyber incidents:
1. Camera passwords matter.The number one item on the list is not to ignore camera passwords. Many installed cameras are still using the default passwords from the manufacturer. Many others have incredibly weak passwords that are easy to guess. Either way, it can be a huge door for a hacker to walk through. Hackers write programs that try a list of default and common weak passwords. They can try hundreds of passwords very quickly hoping to stumble on one that works. In fact, the Mirai virus works exactly that way, using a list of 61 passwords like “admin” or “54321”. The fact that this technique was able to infect over 400,000 devices on the Internet speaks to how many people ignore the importance of passwords.
2. Isolate your cameras.
If the bad guys can’t talk to your cameras, they can’t attack them either. Don’t make the mistake of putting them on the corporate network with all the other PCs and Workstations. Isolate them with a Virtual Lan (VLAN). The only thing that should be able to talk to them is the Video Management System (VSM).
3. Lock down the network.
By their nature, cameras are many times located outside of the secure space, and often outside of the building. This represents a security risk, because unplugging any camera and replacing it with a laptop allows access to a camera on your network. The solution is to make sure the network is configured so that the only devices allowed to communicate over those ports are the cameras you installed. Each camera has a unique identifier called a MAC address. A network can be configured to only allow a certain MAC address on each port (a feature called MAC Binding). With this in place, all communications from other devices gets thrown away and the hacker gets a dead connection.
4. Two operators = less risk.
IT departments discovered a long time ago that computers should use at least two logins: a user with a minimal number of privileges and an administration login with full privileges. This separation of users minimizes the chances of frequently used login falling into the wrong hands. Cameras should be set up the same way: one login used by the VMS that allows for streaming video only, and an admin login that is only used on rare occasions, such as needing to update firmware.
5. Don’t ignore unusual events.
When someone is hacking your cameras, very often there are footprints in the sand. The camera will, of course, go offline if it gets unplugged so the hacker can plug the camera back in, so even a short outage should be regarded with suspicion. If a new set of firmware is uploaded, the camera will reboot. Viruses often place a load on the camera and reduce performance.
You might get lucky and notice one of these during your normal use of the system, but good security takes more than luck. The best practice is to set up the system to monitor for events like these with immediate notification.
6. Purchase cameras from a company with a reputation for security.There has been a considerable amount of concern over the security of certain brands of cameras. The concern has reached a point where some VMS providers are dropping full support for those manufacturers. Most certainly, checking the “cyber reputation” of any system component vendor should be on your checklist prior to a major purchase. Look for vendors that have a public reputation for attention to proper cyber aware design. They should also have a rapid response to any vulnerabilities that may be found as well as a general level of trust.
By Razbery Technologies