International. Over the past seven years, questions related to cybersecurity have taken on a lot of relevance. They have been researching concepts and defining methodologies, security controls, vulnerabilities, policies and processes. In more recent times, common threats and errors have been detected within the electronic security ecosystem, for example the following:
1. Risk management and threat assessment.
In the area of cyber threats, it is important to have a cyber maturity, which means that you have a decent understanding of the threats you face, knowledge of the dangers and also how to mitigate them. Risk management is a challenge as there is a probability and an estimate of the potential negative impact and that can only be defined by the organization operating a system.
The threats, on the other hand, will be the same regardless of the device or camera being used. And while we all have the risk of an attack, the odds are lower. However, it is imperative to know that the risks suffered by IT systems come in all forms. Cybersecurity risks are much vaster than those commonly read in the media: hackers, viruses, and malware. There are key points to protecting an IT system, such as confidentiality, integrity and availability. Anyone that negatively affects one of these areas is a cybersecurity incident. Hardware failure is a threat that damages availability and is therefore also classified as a cybersecurity incident.
2. Deliberate or accidental misuse of the system
People who have legitimate access to a system can also be a threat, and perhaps the most common:
- People can access system services (e.g., video) for which they are not authorized
- They may also try to fix the faults and the result is reduced system performance.
- Making mistakes
- Individuals are susceptible to social engineering
- They can lose or displace critical components (access cards, phones, laptops, documentation, etc.)
- Individuals' computers can be compromised and unintentionally infect a system with malware
And some of the most common vulnerabilities that provide an opportunity for threats to affect the system are:
- Lack of cyber awareness in organizations
- Lack of long-term policies and processes to manage risks
- No system update
A video management system (VMS) has, potentially, numerous users accessing live and recorded video from the server. VMS software provides management of user accounts with different levels of privileges. All the customer needs to do is define policies and establish processes to maintain security over time.
A device must have one account for administration, one for daily operating clients (VMS), and use a third account for maintenance and troubleshooting. One of the most common mistakes when implementing a video system is when all three roles share the same account. That password can easily spread within the organization, creating an opportunity for deliberate or accidental misuse.
3. Physical manipulation or sabotage
Physical protection for IT systems is very important from a cybersecurity perspective because:
- Exposed physical equipment can be tampered with or stolen
- Exposed physical cables can be disconnected, redirected, or cut
- The cameras themselves are not only susceptible to tampering, they can also expose network cables. This can provide an opportunity for intrusion of it.
Mitigate the risks and impact of an intrusion.
An intrusion into the system is when someone bypasses one or more security controls to gain access to it, currently there are already many examples of attack vectors to damage it. Social engineering is one of the most common and effective, it is basically a risk-free attack vector. The amount of sophistication required to breach a system depends on which security controls are added as obstacles. The common mitigation technique for reducing risks is to reduce exposure.
For video systems, common vulnerabilities relate to the physical exposure of devices. Without any protection, anyone who can reach a camera can connect the Ethernet cable. There are a number of security controls that can be added should this occur, including the addition of additional firewalls, network segmentation, and network access control (802.1X). Following provider-recommended guidelines is important to reduce these risks. The products and reinforcement guides provided by vendors will also include security recommendations and controls that reduce risks, even if a malicious attacker gains access to the network.
Note written by Leonardo Cossio, Key Account Manager for end customers at Axis Communications.
