At work and home, we face an increasing number of cameras being installed to help protect us from threats and liability, as well as gather information for a growing number of business and security analytic reports. As helpful as these cameras are in protecting us and providing information, we need to be better at protecting them from several external threats.
Types of hacker threats
An IP camera is a computer with an eye. It has a processor and a network connection that can be used to spy and perform computing tasks for the bad guys. Mining cryptocurrency, also called “cryptojacking” and Dedicated Denial of Service (DDoS) are some examples of the attacks hackers can launch within network-connected cameras.
In some cases, cameras are opened to the public internet to give users access to the camera feed from a mobile device while away from their desk or home base. There is an expanding catalog of Cloud-based services for video surveillance (VSaaS), both in the consumer and enterprise marketplace that has made this very easy to do.
Internet of eyes
With the ‘Internet of Things’ quickly becoming the ‘Internet of Eyes’, cameras, with their extra computing power, connection to the internet, and utility, are very tempting targets for hackers and botnets. However, some everyday best practices can prevent your cameras from being discovered and compromised.
6 Ways to Protect Your CCTV System
- Passwords – Use complex passwords/passphrases on all devices, from the router that connects to the internet to the computers/servers housing the VMS and clients, and the cameras and IoT devices on the network. Some of the greatest security breaches have been a result of default usernames and passwords being used in the network.
- Updates – Even with basic security measures in place, cameras with vulnerability can be exploited by hackers or bots. It is critical that firmware for all devices, from the router to the camera, have the most updated firmware. But not all manufacturers quickly address vulnerabilities, so it’s also important to…
- Block Services – Many exploits are carried out using network communications protocols such as FTP and TelNet, or devices are discovered by ‘pinging’ the network. By using a Firewall, these services can be blocked so cameras and other devices will not be able to be discovered and attacked.
- Disable Switch Ports – Use Mac Binding to prevent another device from replacing an existing device and disable unused ports so an unknown device cannot be added to a network.
- Separate – Keeping devices from communicating unnecessarily can be accomplished in a couple of ways. Physically separate cameras from the access network by installing them on their own switch, with their own IP address scheme. Logically separate them from other devices by using a Virtual Local Area Network or VLAN. This will further reduce discovery by, or propagation of, malware in the network.
- Encrypt – When supported by devices, encryption authenticates all network traffic and prevents it from being usable for outsiders, as well as prevents unknown or malicious traffic.
How To Automate Your CCTV System
There are several products in the marketplace that can help accomplish one or more of these best practices, and Razberi CameraDefense™ is by far the simplest ways to automate your CCTV system.
Using an easy to guess password? You’ll be notified. All unnecessary services are automatically blocked and required services easily added. The hardware architecture and firmware work together to provide physical and logical separation. CameraDefense automates binding/blocking ports and delivers the ability to support encryption through certificate management at the edge.
Every step you take to mitigate cyber threats is an added layer of security and with the increasing sophistication and automation of cyber threats, every layer matters. Are you prepared?