Avatar photo

European Pre-Sales Manager, ZyXEL

Author Bio ▼

Hugh Simpson is European Pre-Sales Manager at ZyXEL.
August 26, 2016


State of Physical Access Trend Report 2024

How to protect your cloud-based video surveillance system against cyber attack

Cloud-computing-securityWith businesses focusing above all else on growing revenues, investment in CCTV security often falls by the wayside.

Unfortunately, the reality is that these companies are vulnerable to the same external threats as much larger corporations, yet have to combat them with much stricter budgets. Until now, implementing secure surveillance has been a real headache.

However, the arrival of cloud-based video surveillance solutions has opened a range of new possibilities for small-scale deployments, giving small to medium sized businesses access to high quality security solutions like never before.

With full cloud solutions, data is stored remotely, removing the need for vast amounts of on-site hardware. This gives smaller businesses the option to record and store data on a more affordable and scalable platform that meets their growth or needs at the time.

The ability to remotely view and manage video, either in a full cloud set-up or through an internet link to a DVR, gives business owners the opportunity to manage multiple locations from multiple sites on any device they choose. For small scale hospitality businesses out of the box solutions such as the one recently announced by Nest are particularly enticing, with an-unprecedented ease of set up and limited management bringing benefits almost instantly.

However, as is the case with any connected device, it’s important to remember that they are not immune to attack. There have been numerous examples of video security systems that have been breached.

One study found that many low-end devices had a hard-coded, unchangeable password for the highest-privilege user in their software, making them vulnerable to attack

A recent example from Context Information Security proved that a Motorola cloud-based camera was able to be hacked, having its movement controlled and its video feed re-directed to another source. Research from Cloudview also showed that a majority of both cloud based and remote DVR systems can be readily hacked, providing an open door to cyber criminals.

It goes without saying that the damage criminals can do with access to these systems has tremendous implications. Aside from monitoring the locations of security guards, the location of valuable goods and spying on employees, there have been instances where video feeds have been uploaded online for all to see.

Therefore, for businesses looking to implement a cloud or remote based security system, comprehensive security measures must be put in place. Identifying weaknesses in the network and creating processes to block them can greatly limit any chances of a breach.

Securing the device

Modern systems often allow remote management through mobile apps or web-based user interfaces. Unfortunately, hackers see these as easy targets, like this example where cameras were hacked in a little girl’s bedroom, but several simple measures can be put in place to make it a more difficult system to penetrate.

Most of these solutions come with default passwords – so the obvious priority here is to make sure these are changed immediately. In some cases, default passwords can be found online, guessed or shared easily by criminals, making access to video technology far too easy.

In a study from Risk Based Security, it was even found that many low-end devices in particular had a hard-coded, unchangeable password for the highest-privilege user in their software, making them vulnerable to attack.

It’s also worth using a different password for each log in. This way, even if your first stage of authentication is hacked, the damage they can do at that level is already restricted. By selecting interfaces that have a limited number of password attempts, this can prevent brute force attacks.

In addition, it’s imperative for the cameras and DVRs to be kept up to date with the latest firmware, ideally automated through the cloud, and contain high levels of security credentials.

Securing the network

If some vulnerabilities are discovered, some manufacturers are often keen to keep these under wraps. Therefore, securing the network as well as the devices is equally important in preventing any breaches.

Employing a next-generation firewall, using deep packet inspection technology to scan multiple layers and protocols, can effectively protect against intrusions and backdoors

One of the major routes that hackers expose is the network connections that link the video surveillance devices to the remote management and cloud servers. For the most part, this involves port-forwarding: creating a small hole in the modem’s firewall to enable the surveillance software to communicate with the public network of the internet.

However, this can cause problems as criminals often scan for open ports and use a range of methods to intercept the connection. For example, a recent study from Cloudview showed that criminals could expose devices by easily hijacking connections to the device’s IP address.

Measures can be taken to reduce risk without jeopardising remote functionality. For example, limiting the number of ports connected to network at one time can reduce the number of avenues for criminals to exploit.

In addition, employing a next-generation firewall, using deep packet inspection technology to scan multiple layers and protocols, can effectively protect against intrusions and backdoors. An intrusion detection appliance can also monitor and log any abnormal activity on the network, allowing attacks to be easily identified.

Although this sounds like a lot of hardware to deploy, these can be found integrated within a unified security gateway (USG) at a fraction of the cost of standalone units. They can also be managed easily through a simple user interface, and updated automatically via the cloud, resulting in a minimal amount of maintenance.

Making your security secure

When used correctly, cloud based and remote managed video surveillance tools can provide an effective and easy to set up solution for SMBs, providing them with a level of security that was previously unobtainable. As well as the productivity benefits provided by remote access, the solution allows an excellent level of security at multiple locations.

However, before deploying these systems, it’s essential to make sure they take the necessary measures to prevent risks rather than bringing new ones to the business. By taking some simple steps in building immunity to cyberattacks, cloud solutions can become the perfect tool for SMBs looking to safeguard their premises.


Free Download: The Video Surveillance Report 2023

Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!

Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.


Related Topics

Notify of
Inline Feedbacks
View all comments