How to combat cybersecurity issues in video surveillance
Source: Tim Chen
Needless to say, cybersecurity has emerged as a major issue among users of video surveillance, which has migrated more and more towards IP. Against this backdrop, how to prevent and mitigate cyberattacks has become important, too.
It goes without saying that video surveillance has moved from analog systems of the past to IP. A mid-year research note by IHS Markit points out a total of 70 percent of all security cameras shipped in 2018 were network cameras, adding at the same time, global shipments of HD CCTV cameras, also known as analog HD cameras, fell in 2018.
Obviously IP has its advantages. The camera can capture images in higher resolution and integrate better with other devices on the network. Yet, as with all other networkable devices, the camera and NVR are also subject to cybersecurity issues, the most notorious of which occurred in 2016 when a series of coordinated cyberattacks were launched against Dyn, an Internet performance management company based in New Hampshire, resulting in service disruptions across various famous sites including Airbnb, Amazon.com and The Boston Globe. It was later found out a botnet of Internet of Things devices, including IP cameras and network video recorders, were used in the attack after being infected with the Mirai malware.
Cybersecurity best practices
According to a recent blogpost by Axis Communications, there are several factors that make the video surveillance system vulnerable, and many of them are linked to poor cyber health of the network. “Sometimes, it’s a lack of alignment between your IT and security teams. Failing to put in place and follow IT security policies can also lead to dire consequences; it’s not a coincidence that so many cyberattacks are due to human error,” the post said. “Similarly, systems that are not well maintained, updated and cared for also suffer from dramatically increased susceptibility from cyberattacks.”
It further added that whether a vulnerability can lead to a high risk depends on two factors: whether the vulnerability can be easily exploited, and what kind of impact will the vulnerability have on the rest of the system. That said, adhering to well-designed cybersecurity best practices is the best way to counter cyber-threats to video surveillance systems.
So what are some of the best practices? According to the post, businesses should approach cybersecurity in two steps. “The first is awareness; if you are not aware of potential cyber vulnerabilities, threats and issues you cannot do anything to prevent them. Step two is mitigation; once you’ve identified a potential problem, you need to take the necessary steps to patch it before it turns into a serious threat,” it said. “In other words, you need to keep learning and teaching your staff about possible vulnerabilities, so that you can spot them as early as possible. This is best done when you have clear policies in place for the management of accounts, passwords and devices.”
According to the post, device lifecycle management is critical too, especially in the area of proactive maintenance. Once the manufacturer releases an update or software patch, it’s best that the user install them, it said.
Finally, governments have also begun playing a more active role, requiring users to comply with such legislation as GDPR, under which the user can be fined up to 4 percent of annual global turnover or 20 million euros, whichever is the highest, Axis said.
“On one hand, this may seem just another headache to business owners, but actually regulations like GDPR have been very beneficial to cybersecurity, by increasing awareness around the importance of data protection both with organizations and end users,” it said.