In recent months, there have been a multitude of cyber attacks targeting video surveillance systems and the Internet of Things (IoT). In the aftermath of the Mirai botnet attack, an incredibly powerful distributed denial-of-service (DDoS) attack, some of the largest surveillance manufacturers scrambled to address the extreme vulnerabilities built into their devices.
During the October 2016 attack, Mirai, an open-source malware strain that scans the Internet for routers, cameras, DVRs, and IoT devices only protected by default passwords, used its army of infected devices to disrupt dozens of major websites including Dyn, one of the largest DNS service providers, by flooding the target servers with millions of discrete IP addresses sending junk traffic to block the flow of legitimate users.
While DDoS attacks like Mirai, designed to cripple websites by consuming all of their bandwidth, target vulnerable devices across the world indiscriminately, several highly sensitive markets experience the largest percentage of cyber attacks each year: healthcare, manufacturing, financial services, government, and transportation.
The expansion of the IoT has only compounded the problem by providing hackers with almost unlimited resources for carrying out their attacks. As more devices connect to a single network, the total system security is only as strong as the most vulnerable connected device. So, how can security professionals protect their systems against these attacks?
Similar to any sensitive data, video surveillance represents an untapped pool of information. Consider the key users of surveillance and the data being stored – defense departments, embassies, hospitals, police departments, etc. Beyond capturing metadata, by hacking into a video network, hackers will be able to view the camera footage, connect the infected device to a botnet, or even convert the device into a bitcoin mine undetected.
A single data breach cost businesses $4 million on average in 2016 according to the Ponemon Institute. The costliest attacks came from malicious code and denial of service. The role surveillance networks played in these attacks came from the relatively low-security, common factory default passwords, and the many IP cameras, DVRs, and NVRs that had to combat the malicious code that connected the device to a botnet. Once a surveillance device was infected, it became a tool used to take down target servers.
After the latest wave of high-profile cyber attacks, updating default passwords on connected devices has taken first priority when securing a system. Security integrators and manufacturers are quickly adapting to the ever-changing cyber landscape though. Proactive protection against cyber attacks is being implemented on many new high-performance video servers.
BCDVideo SMARTtechnology offers a single pane, simple monitoring solution. System administrators receive alerts for 32 system parameters for proactive troubleshooting on video recorders…