International. At work and at home, we are faced with a growing number of cameras being installed to help protect us from threats and responsibilities, as well as to gather information for a growing number of business and security analytics reports.
As useful as these cameras are in protecting ourselves and providing information, we must be better at protecting them from various external threats.
Types of hacker threats
An IP camera is a computer with one eye. It has a processor and a network connection that can be used to spy and perform computing tasks for the bad guys. Cryptocurrency mining, also called "cryptojacking" and dedicated denial of service (DDoS) are some examples of the attacks that hackers can launch inside cameras connected to the network.
In some cases, cameras open to the public internet to give users access to camera power from a mobile device while away from their desktop or home base. There is an expanding catalog of cloud-based services for video surveillance (VSaaS), both in the consumer and enterprise markets, which has made it very easy to do.
Internet of the eyes
With the "Internet of Things" quickly becoming the 'Internet of Eyes', cameras, with their extra computing power, internet connection and utility, are very tempting targets for hackers and botnets. However, some of the daily best practices can prevent your cameras from being discovered and compromised.
Six Ways to Protect Your CCTV System
1. Passwords – use complex passwords/phrases on all devices, from the router that connects to the Internet to the computers/servers that host the VMS, clients, cameras, and IoT devices on the network. Some of the biggest security breaches have been the result of the use of default usernames and passwords on the network.
2. Updates: Even with basic security measures, vulnerable cameras can be exploited by hackers or bots. It is critical that the firmware for all devices, from the router to the camera, is the most up-to-date. But not all manufacturers quickly address vulnerabilities, so it's also important...
3. Block services: Many vulnerabilities are carried out using network communications protocols such as FTP and TelNet, or devices are discovered by "pinging" the network. By using a firewall, these services can be blocked so that cameras and other devices cannot be discovered and attacked.
4. Disable switch ports: Use Mac Binding to prevent another device from replacing an existing device and disable unused ports so that an unknown device cannot be added to a network.
5. Separate: preventing devices from communicating unnecessarily can be achieved in this way; physically separate the cameras from the access network by installing them on their own switch, with their own IP address scheme. Logically, separate them from other devices using a virtual local area network or VLAN. This will further reduce the discovery or spread of malware on the network.
6. Encrypt: When devices support it, encryption authenticates all network traffic and prevents it from being used by outsiders, as well as prevents unknown or malicious traffic.
How to automate your CCTV system
There are several products on the market that can help achieve one or more of these best practices, and Razberi CameraDefense is by far the simplest way to automate your CCTV system.
Using an easy-to-guess password? You will be notified. All unnecessary services are automatically blocked and required services are easily added. Hardware architecture and firmware work together to provide physical and logical separation. CameraDefense automates bind/lock ports and offers the ability to support encryption through certificate management at the edge.
Every step you take to mitigate cyber threats is an additional layer of security and with the increasing sophistication and automation of cyber threats, every layer is important. Are you ready?
* Article written by Kyle Smith, Razberi Sales Engineer.
