Video surveillance systems have long served as the workhorse of physical security, exposing and even deterring criminal activity. But changes in technology have allowed cyber hackers to turn the tables on these dependable devices and make surveillance cameras another piece of equipment we need to protect.
As more and more facilities opt for advanced IP (internet protocol) cameras, they expose themselves to hackers who, often, can easily gain access to system networks, changing or stealing data and rendering cameras useless.
Consider a few recently publicized incidents.
Days before President Trump’s inauguration, hackers infected storage devices on Washington, D.C. police video surveillance cameras with ransomware, leaving 123 cameras in public spaces inoperable. A major reinstallation effort fixed the problem right before the event. In Japan, hackers disabled more than 60 Canon security cameras at businesses and waterways in cities across the country. A high school student in southeastern Virginia gained access to a school security camera, took screenshots of his friend walking the hallway and posted the images on the school’s website. Other incidents have involved home security cameras where hackers have accessed private video footage and streamed it on websites.
What’s behind this unfortunate and disturbing turn of events?
What Makes Security Cameras Vulnerable to Hacks?
Businesses, governments and homeowners are drawn to IP cameras because they offer better resolution and a wider field of vision than traditional analog models, and they feature analytics and remote monitoring capabilities. But just like any other internet-connected device, the cameras can be vulnerable to attack without proper cybersecurity measures in place.
In a video surveillance network, each IP camera is a unique, connected device with its own passwords and security settings. Poorly configured devices with design flaws or faulty firmware, combined with a “set it and forget it” mindset, can give hackers easy access to manipulate video footage and potentially compromise other critical systems housed on the same network.
Facilities often invest vast resources to combat cybersecurity threats to their IT systems. And the same vigilance should apply when managing video surveillance systems. The more you know about prevention, the better positioned you’ll be to stop hackers before they strike.
How Do I Prevent Video Surveillance System Hacks?
Whether you’re researching new system options or evaluating your current network, keep the following tips in mind to protect your video surveillance system against cyber threats.
Long, Strong Passwords
IP cameras typically come with default security settings, including admin login information that is often available on the manufacturer’s website – easy prey for a hacker. Change the default settings by constructing unique usernames (not “admin”) and long, strong passwords. Update your strong passwords on a regular basis. Many hacking incidents, including those in Japan and Virginia, resulted from individuals plugging in generic, default login information.
Firmware Updates
IP camera manufacturers regularly furnish customers with firmware updates that provide security patches to identified threats. It’s up to you, however, to register your products with the manufacturer, make sure you receive firmware notifications and administer the updates by connecting to the account admin website.
Dedicated Network
Consider placing your video surveillance system on a dedicated network or even a virtual private network (VPN) – one that is separate from your main network. That way, if a security camera does become compromised, it doesn’t provide the hacker with easy access to other critical systems on your main network.
Operating System Updates
Surveillance cameras all run on operating systems – Windows, Linux, etc. – and it’s important to make sure you or the appropriate IT personnel stay informed of system updates and security patches, and administer those changes.
Data Encryption
Make sure any video data transmitted over the internet is SSL encrypted. If you’re using wireless security cameras, whether at a business or home, make use of a secure WiFi network that uses WPA2 encryption.
Protect Your Equipment
To guard against damage or theft, protect your physical security equipment from tampering and the elements. Place IP cameras in protected, out-of-reach locations. Make sure video recorders and servers are kept in an area with strict access control technology and even surveillance cameras as an added measure of protection.
Do Your Homework on Video Surveillance Systems
Whether you’re considering security cameras for business or home use, successful implementation starts with good research and endures with solid cybersecurity procedures.
Purchase your equipment from a trusted source that offers strong technical support. Beware of cheaper models that may cut corners on security features. In a recent case in India, for example, the government in Delhi considered a Chinese firm to supply security cameras, but the company was on a U.S. watch list, citing the potential for remote hacking and backdoor access.
Once you have a surveillance system in place, make sure you stay ahead of the game. Monitor and update your systems and their security parameters continuously, and you’ll be one step ahead of cyber threats.