In today’s connected world, network intrusions and breaches have become a way of life, as hackers and cybercriminals work constantly to discover and exploit vulnerabilities. Because businesses of all sizes rely on their IT infrastructure to a growing degree, technology providers are working just as hard to stay ahead of would-be attackers. However, it’s difficult if not impossible to eliminate every potential threat. Therefore, it is highly likely that most organisations will suffer a breach at some point, introducing risks that can lead to business interruption, financial loss, reputational damage and more.

How we view and evaluate cybersecurity

In light of these realities and the potential fallout of network breaches, it is time to change the way we as an industry view and evaluate cybersecurity. Rather than seeing the technologies and practices for securing networks from a cost perspective, we must instead carefully consider the value of cybersecurity through the lens of the damage and potential liabilities of a breach caused by cybersecurity failures.

Traditional cost-centered views of cybersecurity are not only outdated but are also inaccurate, as securing the network begins far before the implementation of a cybersecurity solution – with best practices including a number of basic precautions that do not require major investments.

Security passwords and credentials

One of the most effective measures security professionals can take to decrease the likelihood that an IP device will be a hacker’s point of entry to a network is also one of the most basic: change default passwords. But as straightforward and obvious as this may be, the truth is that many networked surveillance cameras and other security technologies deployed in the field are still using default settings. Some estimates put their number of these IP devices in the hundreds of thousands.

The truth is that many networked surveillance cameras and other security technologies deployed in
the field are still using
default settings 

Cyber criminals know that there are websites dedicated to listing known default passwords for any number of branded IP devices, including cameras, access control hardware and more. This means these devices are essentially broadcasting to anyone who wants to put forth the effort it would take to access them. Not surprisingly, when hackers attempt to compromise a device, the first thing they try is the default password with an unbelievably high rate of success.

The only reason this risk exists is because installers and/or end users far too often fail to take the incredibly simple step of creating new passwords for IP devices when they are deployed. This is both unacceptable and unnecessary.

Segmented surveillance networks

Another critical step organisations can take to protect their IP cameras, recorders and other security devices from intrusion is to isolate the security surveillance network from networks used for general operations. Physically or virtually separating your security surveillance network from the general, internet-facing network prevents hackers from accessing surveillance systems, helping to protect your valuable, sensitive information.

For achieving this segmentation, virtual LANs are recommended. These networks separate traffic between surveillance systems and other devices on the network.

Tampering detection technology should also be employed to quickly detect any unauthorised access
Organisations can protect their security devices from intrusion by isolating the security surveillance network from general operations networks

Physical access tampering

Surprisingly, not all network intrusions are committed remotely by hackers using sophisticated technologies and methods to remotely gain access. Cybercriminals have considerable expertise in breaking into facilities and often begin their crimes with physical access to the systems they are looking to compromise. 

With physical access, individuals can reset any IP device to defaults, allowing new settings to be configured and security to be compromised. The first step in preventing this from happening is to install devices in locations where they cannot be reached easily, preferably within appropriate vandal-resistant housing that prevents physical access and damage. Tampering detection technology should also be employed to quickly detect any unauthorised access, and any cabling should be run through conduits or behind or through walls to prevent them from being unplugged or otherwise intercepted.

This is also where the entire physical security programme, from access control to guards to software, provides protection for itself in addition to protecting the organisation’s premises and personnel.

Monitored user permissions

Another technique for preventing unwarranted or unauthorised access to data and settings is for organisations to restrict user permissions for both local and remotely connections to networks or devices.

A best practice for applying user permissions is the least privilege principle, which limits the features users may access to the minimum users require to perform their necessary functions. Additionally, any guest access to networks or devices should enable very limited functionality and access.

It is imperative that security professionals and/or end users ensure surveillance systems are up to date

Identify and exploit software vulnerabilities

A common approach hackers employ is to identify and exploit software vulnerabilities, relying especially on versions that have not been updated to improve security. Once a vulnerability has been found, it is quickly shared online, which opens the door for multiple individuals to easily access devices running outdated firmware and potentially gain access to the network itself. Recognising this, software providers continually release updates that deliver improvements to close these open doors and protect users from unauthorised intrusions.

However, no update can be effective if it isn’t installed, which is often the case, leaving devices and networks vulnerable to attacks. It is imperative that security professionals and/or end users ensure surveillance systems are up to date. All it takes is a few clicks to improve the cybersecurity protection of devices and networks.

Effective cybersecurity tactics

Unfortunately, network intrusions are here to stay and given the increasing sophistication of the tools and tactics hackers employ, the problem will only get worse. In the security industry, we must shift our view of cybersecurity away from costs and consider the value of preventing breaches. By employing some very basic but effective tactics, organisations can substantially increase the security of their networks and help to protect the sensitive data and assets they contain.