Arecont Vision's Cyber-Hardened Cameras


View/download original article published on Malaysia SAFE here.

Arecont Vision megapixel cameras are cybersecurity-hardened. Hackers are increasingly using surveillance cameras as their point of attack, used to break into, corrupt, or disrupt surveillance systems, computer networks, and the Internet. Cybersecurity is now more important than ever.

Many IP surveillance cameras have relied on network security to protect them from abuse, or offered no security at all. That is changing as cybersecurity attacks become more sophisticated. Manufacturers need to balance the user experience with security, and no product should be connected to the network unless it offers 16 character ASCII passwords and the ability to receive feature and security updates after installation.

A more challenging issue is cyber-hardening of surveillance cameras. Most cameras run common operating systems (OS), such as Linux. This lets the manufacturer add third party code and add-on chips for new features, rather than developing everything on their own, for both cost savings and time-to-market reasons. Unfortunately, this opens the camera to cyberattack through potential buried malware and in providing OS entry points to attackers.

Verisign, a US-based network infrastructure and security company, reports that the frequency of cyberattacks is increasing by 75% year-over-year (see https://goo.gl/tHVZKR).

Tens of thousands of cameras, NVRs, and Internet-of Things (IoT) enabled-devices have been misused in well-publicized Distributed Denial of Service (DDoS) attacks. DDoS attacks turn devices into robotic attackers or "bots". A September 2016 attack on Krebsecurity.com and French hosting firm OHV involved over 140,000 hijacked network cameras and DVRs (see https://goo.gl/Df4Mkr).

The next month, a major DDoS attack on network monitoring and DNS routing company Dyn impacted up to 85 web services, slowing or cutting off access to Amazon, the Financial Times, Netflix, PayPal, Reddit, Spotify, Twitter, and other sites with an estimated $100M loss in revenue (see https://goo.gl/mtyrp8).

On January 31, 2017, the Security Industry Association Update e-newsletter reported the police department in Washington, DC, lost control of 123 of 187 NVRs to a ransomware cyberattack. A city police department outside of Dallas, Texas was also reported to have suffered lost video after a similar incident. Ransomware encrypts the data on computer systems, and charges a ransom to have the encryption removed. It was not revealed if the cameras were used to propagate these two cyberattacks, or if it was by other means.

Should a hacker obtain an ID and password for an Arecont Vision camera, they are only able access that individual device. They would be unable to repurpose it maliciously, unlike other network surveillance cameras that have been proven susceptible in previous cyberattacks time and again.

To protect networks and devices, Arecont Vision is the proven cyber-hardened camera choice.