Home » Device Hardening Techniques End Users Can Employ to Outsmart Hackers
Video surveillance systems have always been vulnerable to attacks. Ever since IP technology was first introduced, security cameras have been an attractive target for hackers. That attraction has deepened all the more during the COVID-19 pandemic. In May, VMware Carbon Black released the Modern Bank Heists report showing that the coronavirus pandemic is correlated with a 238-percent surge in cyberattacks against banks. Also, in May, a Forbes headline read: “2,500 Attacks In Less Than A Day: Coronavirus Scammers Just Went Into Overdrive.”
Experts are pointing out that increasingly more hackers are attempting to use non-secure cameras to generate network traffic for distributed denial of attacks (DDoS). In essence, a DDoSattack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. They use multiple compromised computer systems as sources of attack traffic and ultimately can knock off servers or networks. The moment a camera is connected to the internet, they become a potential target for attack.
The financial fallout from COVID-19 has left countless businesses reeling and hard-pressed to successfully weather the storm of a vicious cyber-attack. Attacks that involve ransomware are especially damaging, as many end users don’t have the ability to access systems, customer data and communications during these difficult times, and are left waiting for vital resources to come back online. Larger corporations with more resources may have, for the most part, been able to rely on their IT departments and cyber experts to take care of the spike in cyberattacks and ensure business continuity during the pandemic. But many smaller to mid-sized businesses that are now focused on re-opening and directing precious resources to adjusting operations quickly to conform to the new guidelines, are likely to overlook the cybersecurity loopholes found in their security systems. This vulnerability can leave them open to another potential wave of business disruption. Hackers know this.
But, it is not all bad news for end users, as security needed for IoT devices such as IP security cameras are surmountable. Device hardening can provide a strong first line of defense. It is basically a process that includes a series of steps to make a device more cyber-secure and now more than ever is the time to harden devices from costly attacks. Here’s a look at some device hardening techniques that can help you protect surveillance system from hackers.
1. Don’t Be Late to Update!
Camera manufacturers offer firmware updates regularly. They also provide updates whenever they come across a potential vulnerability. Users absolutely need to have a process or system in place that allows for updates of their camera firmware as soon as they are available. Depending on the brand of camera, this will either have to be done manually or via an automated system that applies updates when they’re available. Users need to be aware, however, that auto-updates required cameras to be accessible from the internet. While auto-updates are ultra-convenient and efficient, they can make cameras more vulnerable to attack. Manual updates are a safer way to go.
2. Ditch Default Passwords
Creating your own customized passwords seems a simple enough thing to do. But just wait until you’re managing a medium to large-scale project requiring a hundred devices or more. Changing the default password on each device may not sound so easy then but it is definitely critical to protecting your network. Using plug-and-play solutions that don’t need to be password-protected independently is another feasible option. Just make sure the admin account with all the privileges is rock solid.
3. Discover the Difference
Camera and network configuration today provide several options to make devices discoverable, or not. When you have finished configuring the device, disable the discoverability feature. This will keep devices invisible to hackers, preventing any attempt to breach. A similar step is to disable unused ports and features of any device connected to the network to limit a hacker’s options to exploit vulnerabilities.
4. Turn Off Unused Devices
The number of connected devices in the market continue to rise at a rapid pace. All of them connect to the same network that your cameras are connected to and provide more opportunities for hackers to enter the system. If all those connected devices are necessary for you, then follow the steps mentioned above to protect them. If some are not necessary, turn them off.
5. Filter that IP
Devices with edge-based technology need to be accessed only by the server or the admins. IP filtering, a feature that’s available on many edge devices these days, allows you to limit the access to the device. With the optimized use of user-privileges and IP filtering, you can ensure there is no unauthorized entry.
For end users with IT or technical skills, these hardening techniques are simple to implement. These steps, combined with frequent inspection of audit trails in a device, will allow users to keep track of any unwanted attempts to access it.
Sadly, we’re not only tasked with protecting human health during this COVID-19 pandemic, we’re also charged with keeping our networks and much needed video surveillance systems healthy, as well. Hardening devices can go a long way in protecting against cyber-attacks during these most challenging times.
I want to hear from you. Tell me how we can improve.
Jeff Montoya is the Eastern Regional Sales Director for IDIS America, where he is responsible for managing and developing major and national accounts. Montoya has more than 20 years of security industry experience working for manufacturers, distributors and integrators in the video surveillance and access control markets, including heading up regional sales for Sanyo Security Products and Axis Communications. He has an extensive record of supporting customers with sales, service and project coordination, as well as developing sales and marketing initiatives for selected vertical markets.
This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.