Cybersecurity has become a major topic in the world of physical security. In this article, we look at a recent Genetec survey on this subject and what the company suggests the user can do to prevent cyber-risks.
Cybersecurity has become a major topic in the world of physical security. In this article, we look at a recent Genetec survey on this subject and what the company suggests the user can do to prevent
cyber-risks.
No matter what trends articles you read, cybersecurity always ranks on top. Indeed, with physical security increasingly moving towards IP, users get various benefits including HD and integration of various security subsystems. Yet at the same time, this introduces certain risks such as
hacking and cyberattacks.
“Compromised edge devices can provide an entry point for disruptive ransomware attacks, leaked footage, crypto jacking and more. Compromised IoT devices could have a serious and wide ranging repercussions. In more targeted attacks, a compromised device could be leveraged by the attacker to cause specific damages. Infecting chemical power plants or water treatment systems are high profile examples that were seen in the past,” said Mathieu Chevalier, Lead Security Architectu at Genetec. “Compromised networks can be affected through botnets and DDoS. Botnets like Mirai or Moobot specialize in infecting industrial IoT devices such as NVR and IP cameras. These botnets are then typically used to launch DDoS.”
Concerns about cyberattacks against physical security devices were reflected in a survey Genetec conducted, which showed that, when asked about the challenges faced when managing employee and visitor safety, more than half of the organizations selected cybersecurity as their main challenge. Based on insights from over 3,700 physical security leaders from around the world, the report revealed that almost half (49 percent) of the organizations surveyed had activated an improved cybersecurity strategy this year, and more than a third of all respondents (36 percent) are looking to invest in cybersecurity-related tools to improve their physical security environment in the next 12 months.
“The physical security industry as a whole is still playing catch up in terms of cybersecurity. There is a technical debt to be paid here and if you combine this with the fact that cybersecurity has become mainstream, people are now aware that they have to do something about this,” Chevalier said. “Because our industry is still catching up to cybersecurity, people are now trying to implement basic IT security best practices in their physical security systems. Some are starting by assessing their posture and conducting security assessments, vulnerability scans or penetration tests. Some are looking into keeping their systems up to date and investing in tools to automate the maintenance and updates if their video management systems can’t do automatically yet.
Preventive measures
According to Chevalier, there are three core pillars to think about when talking about prevention of cyberattacks against connected security and IoT devices: changing
default credentials and credential lifecycle management, keeping systems patched and updated at all times, and using secure protocols such as https.
But prevention goes beyond hardening the user’s security devices. Selecting good technology partners is also vital. “When subcontracting or utilizing third-party components in your supply chain, nobody is checking every link in the chain. If one link is affected, the whole chain is at risk. This is why it’s key to work with vendors and partners you can trust. You have to make sure that the organizations you do business with take security at heart, have strong cybersecurity practices and effectively vet their own suppliers to ensure all links are secure,” Chevalier said.
He added: “An example of how impactful a supply chain attack can be is the 2020 SolarWinds Orion software hack. Orion is a network management system used by organizations to manage their IT resources. The group of hackers gained access to Orion and were able to deliver a malware as an update to the software and gave access SolarWinds Orion’s customers’ and partners’ data and networks. The breach not only affected SolarWinds, but more than 30,000 organizations from the private and public sectors that use Orion. This is an example of how a successful hack can have exponential impacts through supply chain links.”
According to Chevalier, it is important to have a lifecycle program to monitor devices’ security, as “a secure system today is not a secure system for tomorrow.”
“At Genetec for example, we have a solution called the Genetec Update Service (GUS) that enables you to update products when a new release becomes available. This is crucial for physical devices where the firmware can go outdated. GUS checks for updates at regular intervals, reviews your firmware versions, notifies you of vulnerabilities or recommended upgrades, and downloads firmware updates so your devices can stay up to date at all times,” Chevalier said. “In addition, basic initiatives such as raising awareness and training staff, can go a long way when it comes to prevention and risk mitigation.”