How to prevent IP video surveillance cameras from locking down?

Nowadays, anything connected to internet is generating a lot of enthusiasm among hackers. Earlier, they were breaking into the web connected devices out of curiosity or to expose their skills. But now, they are using their hacking skills for conceptually criminal purposes. With passing time, the attacks have become more sophisticated and far reaching, often producing disastrous results to companies whose networks have been breached and the people whose information has been stolen.

Computers and servers were the most obvious targets for such attacks till date. But now, security cameras are proving as soft targets.

Conceptually speaking, each networked security camera is a miniature computer with password, security configuration settings, and vulnerabilities just like the servers and workstations that are customary on networks. While the purpose of IP camera deployment is to support physical security; these cameras are by no means immune to cyber attacks.

Poorly configured IP cameras can act as an access point to hackers. Hackers can access to all networked cameras within the surveillance system through those breaches cams and could enable someone to take control of that system for ransomware.

For people, who do not know the seriousness of an IP camera breach, here’s a bit of knowledge share. Imagine a hacker has gained access into a home camera which is installed in your living room. Then they can keep a track of all your activities happening in and around the surroundings. Sometimes, private and intimate moments taking place in the living room can be captured by the hacker to demand for ransomware.

Strategically speaking, the main reason IP cameras are vulnerable to hackers boils down to human factors – misconfiguration, user error, etc…. Sometimes technological errors like design flaws can also act as supporting resources to hackers.

To prevent locking down of security surveillance cameras, users should include best practices and installation techniques while deploying security camera systems. This includes-

Change of passwords and settings- Often it’s seen that security integrators do not change the default passwords after installing the security cameras. There are a number of websites that list the default passwords for most IP cameras — both consumer and commercial grade. Other security settings, such as encryption or remote access, are often set to a more insecure state by default to make “plug-and-play” installation easier for the technologically unsophisticated users. But by going for such settings devices get exposed to savvy attackers who can manipulate network traffic.

It is amazing and appalling to know just how many IP cameras have been deployed with their default settings( search on Shodan), essentially broadcasting to anyone with the time or inclination to access them. Estimates put this number in the hundreds of thousands — which is significant considering how recent the move to IP cameras is and how rapidly they are now being deployed.

Firmware should be updated- By simply changing default passwords and some settings aren’t enough in practical. Hackers are on a constant prowl of vulnerabilities such as bugs in camera software that allows them to bypass authentication and access the device. In many cases, companies identify such bugs and offer a firmware upgrade. Unfortunately, installers do not update the firmware on the cameras and as a result, this acts as a weak point to access for the cyber criminals. For this reason, every month or once in every three months, installers or the maintenance guys of the security camera systems should make it a point to upgrade the firmware on the devices.

Network segmentation- Search engines like Shodan dot io index devices connected to the internet, and all it takes for just about anyone to find and view these vulnerable cameras is a search based on camera make, model and version. The best way to deal with the situation is to isolate internal networks used for operations or other critical activities from the security surveillance system network. Keeping these two functions on separate, isolated segments of the overall network ensures that even if a camera is hacked, it will not serve as an easy gateway to access the entire network, especially sensitive operations data, or that other compromised systems will not provide a gateway to the cameras.

Use tools like DNF Security Lifeline TamperGuard- DNF Lifeline TamperGuard provides the ability to automatically discover undesired and unauthorized changes in configuration of surveillance appliances and continuously monitors them for any type of configuration changes. It is able to determine whether any type of unauthorized changes have been made and by who, what, when, and where. Lifeline-TamperGuard configuration change manager can also compare system configurations with regulatory requirements or industry best practices (internal and external policies) and highlight areas that need to be investigated.

Follow Google and keep yourself updated- For those who like to keep their surveillance systems free from hackers, they should first keep themselves updated on what is happening in the technological world. Take the help of Google search engine and other technology based blogs and websites to find out the latest on hackers and cyber crime. This will keep you updated on what’s happening in the surveillance industry and where it’s heading.

While hackers are always working to find new ways into networks as old flaws are fixed, manufacturers and others are continually working on making more secure products and quickly developing patches for any vulnerabilities — something integrators must keep themselves informed off.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s