News that hacked security cameras and DVRs may be to blame for October’s massive Internet outage is troubling to many of us in the physical security industry.
The cyberattack, which caused disruptions to major websites like Twitter, Spotify and Netflix, is being blamed on malware called Mirai, which reportedly exploited the default passwords in network cameras and other connected devices to initiate a widespread Distributed Denial of Service (DDoS) attack on a large Internet infrastructure company.
Essentially, DDoS attacks overwhelm a server with so much junk traffic that it can no longer process normal requests. In this case, many popular websites saw service disruptions.
The incident has raised concerns about just how secure some IP cameras and video recorders are, and what steps the industry is taking to harden products against these kinds of attacks.
While it’s impossible to totally safeguard against all security vulnerabilities, there are steps you can take to better protect your video surveillance infrastructure and reduce your risk of being victimized by hackers. The following are some important measures that can help secure your video surveillance infrastructure from cyber attacks.
- Change default passwords – News reports (Krebs on Security) say the Mirai botnet targeted devices with factory default passwords hard-coded into the device firmware, so even if the user wanted to, they couldn’t change the backdoor account password. Work with your integrator to make sure strong passwords are in place for all of your IP cameras and network video recorders. Passwords should contain a mix of upper and lower case letters and special characters. Further, choose manufacturers that use one-time password mechanisms that are always changing. That way, if there’s ever a need to bypass a camera’s administrative interface, you can do so, but the password is only valid that one time. (March Networks uses a sophisticated one-time password and does not hard-code passwords on any of its devices).
- Keep software and firmware up to date – Software and firmware releases often contain patches for security vulnerabilities, so failing to apply these updates puts your devices at risk. Make sure your integrator is in regular communication with your camera/video recorder manufacturer, so they know when new software and firmware is released and where to get it. Regularly applying updates will not only keep your devices more secure, it can also address other issues that can interfere with the normal operation of your video system. (If you’re using March Networks cameras and hybrid NVRs, your integrator can access software/firmware updates on our Partner Portal. March Networks also sends out special alerts about updates that address specific security vulnerabilities found in common third-party software resources through our Security Updates and Advisories program.)
- Use a firewall – Most enterprise-level organizations use firewalls to protect their internal networks from unauthorized access as well as malicious activity on the Internet, like viruses and malware. Firewalls prevent hackers and programs from accessing the critical business information and resources on your internal networks and computers. I suggest using a firewall with Deep Packet Inspection (DPI) – a filtering capability that looks at the content of data packets, essentially doing a deep dive into all data being delivered. DPI provides an additional layer of security, right down to the application and user level.
- Disable services you’re not using – There is always a risk anytime a device is connected to the Internet, but you can minimize that risk by closing network ports, and disabling services you don’t need. For example, if you don’t require SNMP (Simple Network Monitoring Protocol) services on your devices, these can be disabled.
Choose a manufacturer that lets you disable services you’re not using. Linux-based operating systems in NVRs, for example, can be customized to remove services, thereby improving security.
If you’re using March Networks recorders, your integrator can also scan the NVRs for open ports and other security issues by using our GURU Smartphone App’s Security Audit tool. The tool automatically analyzes and rates how secure the configuration of installed March Networks recorders is against a list of potential vulnerabilities. It then provides guidance on how to make the configuration more secure, such as changing a password that’s been left at the default setting or closing ports that don’t need to be open. You can actually ask your integrator for a copy of the Security Audit report for reference, since GURU lets technicians email it right from their phone or tablet.
Finally, it’s important to note that cybersecurity is constantly evolving, and there are many other measures you can explore to safeguard your data. But no one person or company can tackle it alone. Keeping video surveillance infrastructure secure needs to be a joint effort between manufacturers, integrators and service providers, and end user organizations as well. Do your part by staying up-to-date on best practices and training and educating your staff. It’s also important to adopt a top-down approach to cybersecurity that begins with buy-in from senior executives and support from managers and employees alike.