IT Security has become a big business in itself. In parallel, cyber criminals are attacking the IT Security software and appliances intended to thwart their exploits.
We read lurid reports daily about cybercrime, and how in the view of many experts, it will be the basis of World War 3. At a more subtle level, nation-states, business organisations and individuals are using cyber technologies to monitor activities and increase the levels of their security. Surveillance cameras attached to digital networks are a key part of many IT security systems.
Recent reports of improvements in Ai and facial recognition analysis of surveillance camera footage preventing crime have been widely reported in the media. On the other hand, similar techniques have the capability to make commissions of cybercrime easier. Stolen surveillance camera coverage has become more valuable, and a greater target for cybertheft.
Digital surveillance cameras can be attached directly to networks, with their output recorded on standard media. Sometimes they are configured in separate network segments hosting cameras, storing their output on a Digital Video Recorder (“DVR”). This network is in turn, connected to the main corporate network.
A hacker needs only to hack into the network hosting the DVR to be able to steal camera footage.
Why Steal Camera Footage?
Cybercriminals exploit vulnerabilities exposed by surveillance camera systems and in digital surveillance cameras themselves to gain unauthorized access to IT systems and subsequently sell that access to interested parties.
Here’s an overview of how they typically carry out such activities:
Identifying Vulnerable Systems
Cybercriminals scan the internet for unsecured surveillance cameras using automated tools. They search for cameras that are improperly configured, have default login credentials, or are running outdated and vulnerable firmware.
Exploiting Weak Security
Once vulnerable cameras are identified, cybercriminals attempt to exploit security weaknesses. This may involve using default login credentials, leveraging known software vulnerabilities, or employing brute-force techniques to guess passwords. Analysing footage using AI and recognition systems has made the process much easier.
Gaining Unauthorized Access
After successfully compromising a surveillance camera, the cybercriminal gains unauthorized access to its video feed, control settings, and other functionalities. They essentially take control of the compromised camera.
Cybercriminals use various underground forums, dark web marketplaces, and messaging platforms to advertise and sell access to the compromised cameras. They provide details such as the location, video quality, and duration of access to attract potential buyers.
Interested buyers, who can be individuals, criminal organizations, or even nation-state actors, purchase the access from the cybercriminal. The buyers may have various motives, including voyeurism, intelligence gathering, or even planning physical attacks by monitoring security vulnerabilities.
Monetizing the Data
Once access is sold, the buyers may exploit the compromised surveillance cameras in different ways. They may use the video feed for personal viewing or distribute it for malicious purposes. They may also manipulate camera settings, disable them to create blind spots, or conduct reconnaissance for future criminal activities.
How To Minimise the Threat
It isn’t possible to full secure systems against attack. The FBI have said that the only safe systems ins one that hasn’t been hacked yet. However, having said that, to mitigate the risk of your surveillance cameras being compromised and sold by cybercriminals, it is crucial to follow good security practices.
Here are some hints:
Change Default Credentials
An absolute no-brainer. Always change the default usernames and passwords on your surveillance cameras. Use strong, unique passwords that are difficult to guess. Some browsers and software apps allow you to keep repositories of access credentials. Be very careful of these apps, and do not keep critical highly secure passwords in these repositories.
You only need to decrypt one set of credentials for the repository to gain access to all the credentials it holds, rather than decrypting each individually. Quantum computers now bring the capability of brute-force decryption into reasonable time scales. To brute-force decrypt an AES 128 bit encryption key using conventional equipment takes over a million years. A Quantum computer does it in a matter of weeks.
On the plus side, typically hackers won’t have access to quantum computers.
Keep Firmware Updated
Regularly update the firmware of your surveillance cameras to patch security vulnerabilities and take advantage of new security features provided by the manufacturer. New exploits appear daily, and it is vital to keep defensive walls up to date.
Secure Network Configuration
Ensure that your surveillance cameras are deployed on a secure network. Segment your network, use firewalls, and employ network security measures to prevent unauthorized access. This should be part of the overall network security systems deployed on your networks.
Implement Access Controls
Set up access controls on your cameras to restrict who can log in and manage the devices. Enforce strong authentication mechanisms, such as multi-factor authentication, to add an extra layer of security.
Disable Unnecessary Features
Disable any unnecessary features or services on your cameras to minimize the attack surface and reduce the risk of exploitation. This is important. Unused features tend to be neglected or ignored and can act as security loopholes.
Perform regular security audits of your surveillance camera systems to identify vulnerabilities and address them promptly. Monitor network traffic for any suspicious activities that could indicate a compromise. Automated monitoring services in software-defined and intelligence-based networks can make this automatic, especially when coupled with AI.
By following these security practices, you can significantly reduce the risk of your surveillance cameras being targeted and sold by cybercriminals.