The layered approach to system health monitoring and cybersecurity
In the Marine Corps, I trained as a "tank killer" before being selected to protect nuclear weapons on a submarine base. After attending these training schools back-to-back, I noticed protection is most effective in layers. A tank with an added layer of reactive armor is more difficult to destroy with a missile. The closer to an actual nuclear asset, the more levels of protection were used. So much so that in penetration tests, Navy SEALs were never able to breach Marine-protected areas.
Converging Security Arenas
Layers are also used with cybersecurity and system health monitoring. The convergence of IT and Physical Security goes beyond the sharing of network resources; it extends deep into holistic shared network monitoring. With this shared space between IT and Physical Security departments, tools and applications that provide security and talk to each other are needed to provide visibility across multiple sites. A protected security system is critical to the overall security of the enterprise in both the physical and logical spheres.
As if the coordination of a shared network were not enough of a challenge, physical security systems are a prime target for ill-intentioned keyboard commandos and mindless botnets like Mirai.
An IP camera alone has a high-powered processor capable of performing analytics. Imagine an unauthorized entity taking control of hundreds or thousands of these network devices and the sheer volume of data that could be stolen. Required system health checks have been an essential part of an IT department's day-to-day tasks and are now becoming a new tool for Physical Security departments to diagnose breaches.
An open-source platform is also an essential part of a network, to ensure that all cameras and IoT devices, like card scanners, door locks, and smart security lights, can be monitored from a central location with shared access via the cloud.
In the security industry, time saved is dollars in our pocket. Knowing whether a camera is offline or a CPU temperature is above normal levels, or being able to perform a RAID health check, could mean the difference between incurring the cost of rolling a truck to diagnose a problem and simply rebooting a camera remotely.
The Reality of IP Camera and IoT Device Installation
When an IP camera or security IoT device is installed, it often never receives a firmware update or a username and password change after the initial setup. This is a straightforward fix but is often skipped due to the manual nature of the task. The sheer size of a network and the location of a camera or IoT device can also make it hard to tell whether the device is working correctly.
Imagine a network camera placed 100 feet in the air atop a water tower with a rusted access ladder. This is a very real scenario: the camera would be very difficult to access and would require a bucket truck rental, additional crews dispatched, and time spent. Now, imagine a thousand different remote sites with precariously placed cameras and IoT devices and the exponential effect on the video surveillance and IoT network.
Smart cities and smart buildings, the result of the cost reduction in technology, are becoming a reality and, as we have seen many times, proving sci-fi movie predictions correct. However, the security of these new devices still poses a problem.
A Proactive Layered Strategy
Not providing the most basic level of security leaves IoT devices especially vulnerable to attack, which is why Denial of Service attacks were perpetrated with IP cameras on Netflix, Twitter, and Reddit in 2016.
Had layers of security protections and health monitoring software been applied, those systems would have been less vulnerable and would have proactively alerted the security team. Merely using a complex username and password combination, verified by Razberi CameraDefense™, would have been a layer of protection to prevent a takeover. Turning on a Device Firewall inside CameraDefense™ to block Telnet traffic (Mirai's search method) would have been an additional layer. Even if the device were already compromised, a CameraDefense™ Device Whitelist would be a layer that prevents a device from phoning home or seeking other machines to infect.
The Razberi Monitor™ cloud-based platform would have allowed multiple users to access the network in real time, remotely view alerts from different sites, and quickly diagnose the issue.
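The Telnet-blocking and device-whitelist layers described above can be checked against network flow records. The following is an added example, not Razberi's code or part of CameraDefense™; the camera VLAN, addresses, allowlist and flow records are all constructed, and port 2323 is included as the alternate Telnet port Mirai also probed.

```python
from ipaddress import ip_address, ip_network

# Every value below is constructed for illustration (private/documentation ranges).
CAMERA_NET = ip_network("10.20.0.0/24")   # assumed camera/IoT VLAN
TELNET_PORTS = {23, 2323}                 # Telnet and its common alternate port
ALLOWLIST = {                             # device -> destinations it may reach
    "10.20.0.11": [ip_network("10.20.1.5/32")],                               # recorder
    "10.20.0.12": [ip_network("10.20.1.5/32"), ip_network("10.20.1.10/32")],  # recorder, NTP
}
FLOWS = [                                 # (source, destination, destination port)
    ("10.20.0.11", "10.20.1.5", 554),     # camera streaming to its recorder
    ("10.20.0.11", "198.51.100.7", 23),   # camera reaching out over Telnet
    ("10.20.0.12", "10.20.1.10", 123),    # camera syncing time
    ("10.20.0.12", "203.0.113.40", 443),  # camera contacting an unlisted host
    ("192.0.2.99", "10.20.0.12", 2323),   # outside host probing a camera
    ("10.20.0.13", "10.20.1.5", 554),     # device that was never inventoried
]

def audit_flow(src, dst, port):
    """Return the layers a single flow violates (empty list if none)."""
    src_ip, dst_ip = ip_address(src), ip_address(dst)
    findings = []
    # Firewall layer: no Telnet to or from anything on the camera VLAN.
    if port in TELNET_PORTS and (src_ip in CAMERA_NET or dst_ip in CAMERA_NET):
        findings.append("telnet")
    # Whitelist layer: a device may only initiate traffic to listed destinations.
    if src_ip in CAMERA_NET:
        allowed = ALLOWLIST.get(src)
        if allowed is None:
            findings.append("unregistered-device")
        elif not any(dst_ip in net for net in allowed):
            findings.append("off-allowlist")
    return findings

def audit(flows):
    """Map each violating flow to its findings; clean flows are omitted."""
    report = {}
    for flow in flows:
        findings = audit_flow(*flow)
        if findings:
            report[flow] = findings
    return report

if __name__ == "__main__":
    for (src, dst, port), findings in audit(FLOWS).items():
        print(f"{src} -> {dst}:{port}  {', '.join(findings)}")
```

The second flow trips both layers at once, which is the point of stacking them: either check alone would still have raised an alert.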
Protecting with Layers
As with a tank, adding layers of security to your networking systems is the most effective strategy to protect your assets against attacks. During installation, changing the default username and password of a device is a simple layer of protection to prevent hackers from gaining access. Each step you take is another layer of protection in your security, and being able to access and understand the alerts quickly is the difference between identifying a vulnerability and being the latest story on securityinformed.com.