Articles by Karen Sangha
There’s no denying that cyber-crime is one of the biggest threats facing any organisation with the devastating results they can cause painfully explicit. Highly publicised cases stretching from the US government to digital giant Facebook has made tackling cyber security a necessity for all major organisations. The consequences of breaches have just become more severe, with new GDPR rules meaning any security breach, and resultant data loss, could cost your organisation a fine of up to four per cent of global revenue or up to 20 million euros. Cyber-crime potentially affects every connected network device. In the biggest cyber-crime to date, hackers stole $1 billion from banks around the world, by gaining access to security systems. It’s more important than ever for organisations to be vigilant when it comes to their cyber security strategy. To help avoid becoming the next victim, I’ve put together a five-point cyber plan to protect your video surveillance system. 1. Elimination of default passwords A small change to a memorable, complex password could have huge consequences for your business It is estimated that over 73,000 security cameras are available to view online right now due to default passwords. ‘Password’ and ‘123456’ are among the top five most popular passwords with a staggering 9,000,000 login details matching this description. Guessable passwords create an unsecure security system which can result in an easy way for hackers to gain access to your organisation’s data, making you vulnerable to a breach. A small change to a memorable, complex password could have huge consequences for your business. Removing default passwords from products and software forces individuals to think of their own to keep their data safe. If a password system is not provided by your organisation we recommend that your password uses two or more types of characters (letters, numbers, symbols) and it is changed periodically. 2. Encrypted firmware Encrypting firmware is an important part of any organisations overall security system. Firmware can leave an open door, allowing hackers to access your data. All firmware should be encrypted to reduce the possibilities of it being downloaded from the manufacturers website and deconstructed. If the firmware posted is not encrypted, there is a risk of it being analysed by persons with malicious intent, vulnerabilities being detected, and attacks being made. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis There have been cases where a device is attacked by firmware vulnerabilities even if there are no problems with the user's settings, rendering it inoperable, and DDoS attacks being made on other servers via the device. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis. There is also a possibility of being attracted to spoofing sites by targeted attack email and firmware being updated with a version that includes a virus, so firmware must always be downloaded from the vendor's page. It may also be advantageous to combine this with an imbedded Linux operating system which removes all unused features of the device, it can help to reduce the chances of malicious entities searching for backdoor entities and inserting codes. 3. Removing vulnerabilities within the operating systems Vulnerability is the name given for a functional behaviour of a product or online service that violates an implicit or explicit security policy. Vulnerabilities can occur for a number of reasons for example, due to an omission in logic, coding errors or a process failure. Network attacks exploit vulnerabilities in software coding that maybe unknown to you and the equipment provider. The vulnerability can be exploited by hackers before the vendor becomes aware. You should seek to minimise these issues by looking for a secure operating system which is regularly updated. Panasonic has developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping As a provider of security solutions, Panasonic is taking a number of steps to ensure its consumers remain safe and secure. We have developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping. We have combined with a leading provider of highly reliable certificates and technology for detecting and analysing cyber-attacks with its own in-house embedded cryptography technology, to provide a highly secure and robust protection layer for its embedded surveillance products. 4. Avoiding remote login using Telnet or FTP Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures. File transfer protocol or transfer through cloud-based services means the files and passwords are not encrypted and can therefore be easily intercepted by hackers. An encrypted software removes the risk of files being sent to the wrong person or forwarded on without your knowledge. Telnet predates FTP and as a result is even less secure. Hyper Transfer Protocol Secure is a protocol to make secure communications by HTTP, and it makes HTTP communications on secure connections provided by SSL/TLS protocols. The major benefits of using this system is that HTTPS and VPN encrypt the communications path, so data after communications is decrypted and recorded. If recorded data is leaked, it will be in a state where it can be viewed. With data encryption, however, it remains secure and can even be recoded to storage. Thus, even if the hard drive or SD card is stolen or data on the cloud is leaked, data cannot be viewed. 5. Use of digital certificates Private and public keys are generated at manufacture in the factory and certificates installed at the factoryDigital certificates are intended to safely store the public key and the owner information of the private key it is paired with. It provides assurance that the accredited data from a third party is true and that the data is not falsified. It is beneficial for all data to be encrypted with digital certificates. Digital certificates are far safer when issued by a third party rather than creating a self-signed version unless you are 100 percent sure of the receiver identity. From April 2016, some models of Panasonic series iPro cameras come with preinstalled certificates to reduce the risk of interception and the hassle of having to create one. With i-PRO cameras with Secure function, private and public keys are generated at manufacture in the factory and certificates installed at the factory. As there is no way to obtain the private key from the camera externally, there is no risk of the private key being leaked. Also, certificates are signed by a trusted third party, and the private key used for signing is managed strictly by the authority. In addition, encryption has been cleverly implemented to reduce the usual overhead on the IP stream from 20% to 2%.
Jumbo Ten Brink Food introduced the face server into their store environment in March 2017 after discovering that almost 80% of shoplifting took place via large shopping bags. Since then, Jumbo has installed 80 Panasonic cameras in-store, helping them to win the award. Previously recognised by the National Institute of Standards Technology (NIST) as the most accurate on the market, Panasonic’s face server uses deep learning technology which maximises the performance of the core engine to achieve accurate and reliable recognition. The technology identifies faces that are ordinarily difficult to recognise with conventional techniques, such as those taken from an angle of up to 45 degrees to the left or right or 30 degrees up or down. It also maintains a 90% accuracy rate when detecting faces that are partially hidden by sunglasses or face masks. With this improved accuracy, security protection is enhanced and the system allows matches even when images are 10 years old Enhanced security protection If people are caught stealing, their image remains on the database. The face server provides a real-time processing capacity of up to 20 cameras per server and can execute high-speed searches of up to 30,000 registered reference faces. With this improved accuracy, security protection is enhanced and the system allows matches even when images are 10 years old. “The moment that a known shoplifter attempts to re-enter the store, an internal alarm is triggered, and we can take the best suitable action,” explains Edwin ten Brink, founder of Jumbo Ten Brink Food stores. “Thanks to the Panasonic face matching server, Jumbo has been proclaimed the safest store in the Netherlands." Karen Sangha, Panasonic’s Security Solutions Regional Marketing Manager says, “We are pleased to see that our customers are winning awards as a result of implementing our technology. We firmly believe that our face server is industry-leading and Jumbo Ten Brink Food’s success is testament to that.”
Panasonic’s secure communication platform has been named as the holistic security system of the year at IFSEC’s Security & Fire Excellence Awards 2018. Cyber security deterrents The package of cyber security deterrents was developed to mitigate the risk of attacks on IP surveillance systems and protects against video tampering, altering, spoofing and snooping. All firmware is encrypted to reduce the possibility of it being downloaded from the manufacturer’s website and deconstructed, while an embedded Linux operating system removes unused features on the device which could be easily exploited. This reduces the attack surface, and the chances of malicious entities searching for backdoors and/or inserting malicious codes. Data security and password protection Password protection is also improved and requires a unique, complex password to complete the installation set up Password protection is also improved and requires a unique, complex password to complete the installation set up. Default passwords are a known weakness for IP technology and have resulted in over 70,000 security cameras being viewable to anyone online. The technology has been tested thoroughly by ethical hackers prior to release to ensure that it is fit for purpose to provide our customers with complete peace of mind. Embedded cryptography technology Karen Sangha, Field Marketing Manager at Panasonic Security Solutions said, “We are combining a third-party certificate and technology for detecting and analysing cyber-attacks with our in-house embedded cryptography technology. The result is a now award winning, secure and robust protection layer embedded within our surveillance products.”