Latin America. Genetec called on Latin American governments, saying there is little preparation in the region for cybersecurity attacks. According to an investigation that carried out an important blind spot are video surveillance cameras, as 7 out of 10 have their firmware outdated.
For Genetec, although it seems ironic the installation of electronic security solutions, such as video surveillance, access control, alarms, communications and more, can be the entry point for cybercriminals because, although they are designed to protect people and property, these systems are connected to networks and IT infrastructure, which can be quite vulnerable if they do not have the necessary cybersecurity measures.
The brand assures that "during times of internal and external political tension between governments, protecting systems from cyberattacks becomes a critical issue and data shows that Latin American countries are not sufficiently prepared." That is, with the increase in cyberattacks around the world and political tensions between different countries, it becomes clear that the public sector needs to implement effective cybersecurity improvements in its IT networks to reduce vulnerabilities.
Cybersecurity data in Latin America
In 2021, cyberattacks increased 600% in Latin America and the Caribbean. According to Data from Fortinet, the region suffered 289 billion cyberattack attempts in 2021. In first place, Mexico is positioned with 53.9% of attempts, followed by Brazil with 30.6%.
For its part, the University of Chile, in a study published in 2021 on its portal of 'Academic Journals', takes as a reference two international metrics to locate the cybersecurity of the region compared to the rest of the world. In that sense, Latin America is in sixth place among the regions that have prioritized the development of cyber capabilities, only above Africa and Oceania, taking into account the National Cybersecurity Index of the E-Governance Academy.
According to the metrics evaluated, 10 of the 11 countries in the region studied: Peru, Colombia, Chile, Mexico, Argentina, Brazil, Jamaica, Panama, Suriname and Honduras, have zero in the indicators that measure the protection of essential services, the delimitation of threats, the global contribution to cybersecurity and the management of the cyber crisis of States. Thus, for Genetec, this data shows the commonity of cyber attacks in the region, added to the frequent news about data breaches or incidents of 'ransomware' in the public sector. And it insists that "any government organization, college or institution of higher education, large or small, is vulnerable to a disruptive and costly cyberattack."
Cybersecurity risks
According to Camilo Sánchez, Business Development Manager at Genetec, "a persistent but erroneous idea is that cyber attacks on electronic security systems are only limited to damage or theft of information from these systems. For example, recognized threats often include the ability to remotely stop a camera's video transmission, open or lock a door, or disrupt critical building systems. Certainly, concern about the risks to the physical safety of persons or facilities is present; However, most cyberattacks are not limited to these cases. These attacks also target applications, files and data from other solutions managed by the IT department."
That is, the severity of these attacks is entered by a device (for example a camera) and can travel over the network to block access to critical applications, retain files for ransom and steal financial data or personal information of employees, students, customers or residents.
A case of this is the botnet (malicious software) known as Mirai, which disrupts systems and networks with attacks on Internet-connected devices. At first, to find vulnerable devices, the malware tried to log in with factory default usernames and passwords; it has now evolved to exploit unpatched vulnerabilities.
Beware of cameras
According to an analysis by Genetec, a large number of security cameras allow this type of attack. According to their research, almost 7 out of 10 cameras had their firmware outdated.
In 2021, a security threat researcher discovered that a Mirai-based botnet, called Moobot, uses another technique to infect video surveillance devices with critical vulnerabilities. This technique injects malicious code into the device and then checks the network to find additional devices to infect. More than 100 million devices worldwide are affected by this vulnerability, making it the largest vulnerability ever to affect video surveillance. Although there is a software patch available to close this risk, this IoT botnet will never stop looking for a vulnerability and, most worryingly, IT teams may not know which installed cameras should receive it, as these devices are OEMs of many brands that do not easily show their origin.
Governments such as the US, the UK and Denmark have already begun restricting the use of cameras that have shown multiple critical cybersecurity vulnerabilities such as these in government facilities and critical infrastructure. In Latin American countries, however, there are no restrictions yet.
Regarding this, Camilo Sánchez insists that "security cameras and access control systems should be considered critical network devices. These devices need to receive a high level of protection and monitoring for operations and cybersecurity. That is why, looking for reliable manufacturers that implement cybersecurity and privacy by design, is indispensable especially if we talk about government facilities and critical infrastructure."
Solution to this problem
While in many organizations physical and IT security are separate areas, because apparently their work and their concerns "do not converge", this perspective must change, in light of the growing cyber risk that electronic security technologies can present.
This shift begins when it and e-security teams come together in a single organization to implement a comprehensive security program, based on a common understanding of risk, responsibilities, strategies, and best practices.
According to Genetec, when it is understood that physical and cyber domains are closely linked, governments can implement new technologies, new personnel roles and new practices that strengthen security in general.
Below is the list of best practices that Genetec raised to avoid these vulnerabilities.
Evaluate the current position: Create an up-to-date inventory of all devices connected to the network. Perform an assessment of the vulnerability of these security devices, identify the models and manufacturers of interest. Consolidate and maintain detailed information about each device, including connectivity, firmware version, and configuration. Evaluate the design of the network, to segment the oldest devices and reduce the potential for cross-attacks and identify all users who have knowledge of the electronic security devices and systems, documenting that information for future use and auditing.
Unify electronic security and cybersecurity: Begin discussions on the combination of e-security and cybersecurity teams, formalizing roles and responsibilities. Monitor and share intelligence on current cyber threats and trends across teams, so that collaboration on preventative actions and response capabilities is encouraged. Develop common policies and practices for security operations and incident management.
Set the improvements: Determine if installed devices have the latest firmware version and other software recommended by the manufacturer. Confirm that the video surveillance and access control software is up to date on the physical security devices, as well as on the servers. Change the default passwords in use, as well as set a policy and process for requiring frequent password changes.
Device and system replacement planning: Identify any devices that need to be changed. Develop a plan that modernizes security functions and management on a unified platform and assess compliance with the standards of all suppliers in the supply chain of the proposed solution.
