Are your IP Cameras Secure?

Are your IP Cameras Secure?

Written by Scott Hall on . Posted in Security

risk of theft

Is your surveillance camera network safe?

Not all IP cameras are created equal, and price is only one determining factor in quality and security. How do we make sure that the system you trust to security isn’t a wide open threat in of itself?

Back in May 2017, the Department of Homeland Security’s ICS-CERT issued an advisory about an exploit in a large manufacturer’s cameras; these were not flaws that required an elite hacker, as it took a “low skill level to exploit.”  ICS-CERT warned, “Successful exploitation of these vulnerabilities could lead to a malicious attacker escalating his or her privileges or assuming the identity of an authenticated user and obtaining sensitive data.”

 

What steps can you take?

SECURE YOUR INTERNET NETWORK

Ensure firewalls are up to date with current intrusion definitions and penetration methods. If on a home network, secure your routers and change passwords frequently.

 

PASSWORD PROTECT YOUR CAMERAS

Most IP cameras come with same default username and password, to make installation of the camera and software easier on the end user. The problem comes when these credentials are not changed at installation, and the defaults are well known on both the darknet and open internet. This leaves cameras accessible to anyone via the internet, especially when your network is unsecured.

AVOID PORT FORWARDING

Port forwarding is a way to view your cameras directly outside of the network they reside on. An analogy: when you stay in a hotel, a visitor can get your room number by telling the desk clerk your name. This is a kind of port forwarding, and it’s clear why this is a bad idea: anyone that knows what camera to look for can get information on it if they ask in a certain way. The need for port forwarding is eliminated by investing in a sound and secure video management system, which centralizes and encrypts camera streams for viewing outside their network.

UPDATE YOUR CAMERAS

Camera manufacturers are constantly upgrading firmware to camera models not just to add new features and fix maintenance issues, but to stay on top of intrusion threats and vulnerabilities as hackers get more creative by the day. Make sure your cameras’ firmware is updated regularly.

Cameras are great physical security tools, and when deployed and maintained properly, can be as secure as any other networked device. But as creative threats rise, and attacks become broader, IP cameras are not to be overlooked as potential weak points into any network.

CyberWar has many Civilian Casualties…

Written by Scott Hall on . Posted in Security

CyberWar has many Civilian Casualties…

Have you been the victim of cybercrime?  If asked that question in 2012, you might have said, “I’m not sure.”  But in 2017, the answer most likely is, “Yes, I’ve been victimized many times.”  That’s bad news.

Among the familiar companies that have been breached over those five years are Target, Home Depot, eBay, PayPal, LinkedIn, Anthem, Yahoo, iCloud, Dropbox, Evernote, and Equifax.  If you use any of these, then you have been an indirect victim of cybercrime and undoubtedly, most of your personal information is somewhere on the Dark Web.

According to http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ the last five years has seen an escalation of cybercrime on the scale of a world-wide cyberwar. The weapons of this cyberwar are simple and inexpensive to make and deliver compared to conventional weapons. This is due to the ubiquity and connectedness of the Internet that is at once its strength and its weakness. The ubiquity of the internet is a strength in that it enables a free exchange of information and commerce by connecting individuals, businesses, and governments. Yet, this connectedness is a weakness in that it enables criminal, espionage, and terrorist organizations to directly victimize the public, enterprises, and nations on a global scale.

Should you resign yourself to being a casualty in the cyberwar? Go off the grid and forgo connected technologies?  Neither of these options is acceptable for those who desire the convenience that comes with technical innovations such as Alexa and Nest. Then should you hack back? We don’t recommend it since that would be like a civilian joining a conventional war with a pellet gun – you’d have little to gain and much to lose.

In the cyberwar, you are more secure as a non-combatant, but that does not mean you need to be a passive participant. Instead, make sure you have a good defense. If hackers are climbing a ladder to get to you, then build a wall that is higher than their ladder. Windows and MacOS Firewall are defensive tactics, but they are dated architectures that are easy to penetrate. Firewalls in antivirus and wireless routers are marginally better than Windows and MacOS, but they are still not enough to thwart hackers in today’s cyberthreat environment.

To be safe in the cyberwar of 2017, use a next-generation firewall (NGFW) running a full suite of security services.  Unlike less sophisticated firewalls, NGFWs are not static; they learn and grow higher over time, staying higher than the ladders that the hackers are building. The SonicWall Capture Threat Network updates signatures globally around the clock to keep your firewall “higher than the hacker’s ladders.” And if they happen to put a ladder where you didn’t expect one (with a zero-day or unknown malware), you can use Capture ATP to “push away that ladder” before the threat can enter your network.

Tomorrow will bring news of another organization that has been hacked, but you can securely protect the data and devices on your network and avoid being a casualty of the cyberwar. 

 

Contributor: Wilson Lee (Sonicwall Corp)

Healthcare Facilities are a Target of Cyber Attacks

Written by Scott Hall on . Posted in Security

PHI, also known as Protected Health Information, is very valuable on the Dark web of the internet. In fact a stolen Medical Record is 10 times more valuable than a stolen credit card number.

Cyber Criminals are increasingly targeting the $3.5 trillion US Healthcare industry with more than 16 million patient records exposed in 2016.  Since 2009 there have been over 171 million patient records stolen and sold on the dark web.

Tech Headaches? We can help! Contact us now »