Be prepared for these 3 cyber threats

lördag, 31 december 2016

Author: Jos. Svendsen

Industry News

 

When talking about information security, CIA stands for Confidentiality, Integrity and Availability. It is a model designed to guide efficient information security policies within an organization. 

  • Confidentiality is roughly equivalent to privacy. This means ensuring that the VMS infrastructure is only accessed by the right people.
  • Integrityentails maintaining optimal consistency, accuracy, and trustworthiness throughout the entire data life cycle.
  • Availability is best ensured by designing the entire infrastructure to be as robust as possible. It also means maintaining a correctly functioning operating system and continuously updated application environment.A person or organization with malicious intent can harm or sabotage a VMS system in several ways. This means that people or assets could be at risk.

 

Hi-jacking can happen

A VMS system can quite easily be high-jacked, by form of remote control with malign intent or for ransom or espionage purposes. A breached VMS-system’s data and recordings can be used in an array of negative contexts. User accounts, camera placement or general VMS-system data can be used as a stepping stone for to get closer to an organization’s total infrastructure.

 

If the location and capabilities of all cameras and alarms are known, it is easy to plan a break-in can. And you’re not likely to discover it in the process: Spies do their utmost to avoid detection, as this would lead to countermeasures.      

 

These are some of the biggest cyber security risks:

                                          

Systems with bad perimeter defenses

Today’s VMS systems are often part of a business IT infrastructure. A successful attack in one part of the infrastructure might lead to confidentiality breaches in other parts. Therefore, it is generally recommended to isolate VMS systems from the rest of the IT infrastructure: If you can’t get to a system, you can’t harm it.

 

If the VMS system needs integration to other systems, it should be done via a secure Bridge. Software should always be updated to the latest versions, as all serious software vendors will update it as new security threats are discovered.

 

It is important to remember that this not only goes for computers:  All cameras, mobile clients and NVR systems need the same level of attention and precautions. In these cases, it is vital to be able to document the entire security infrastructure to ensure that no devices or computers have slipped under the radar. 

Any system functions not needed for visual security should be shut down, like browsers, mail clients and file transfers. Again, if you can’t access a function, you can’t harm it. 

 

This also means that access to internet should be avoided for any device in the VMS infrastructure. In the case of mobile clients, ensure that the mobile server is secured.

 

Stolen identities

It does not help to have a well-defended VMS system if anyone can guess user accounts and corresponding passwords. A password policy for VMS systems and mobile devices needs to ensure that all necessary passwords are changed regularly.

 

Depending on the system, stronger types of user identification might be used. Two-level authentication (where a user is identified by more than just a password) is a way of securing the system even further. Biometric identification in combination with a password gives an extra layer of security.

 

The inside factor

People are an organization’s biggest asset. In some cases, they also pose a risk. As organizations implement increasingly sophisticated physical and cyber security measures to protect their assets from external threats, the recruitment of insiders becomes a more attractive option for those attempting to gain access.

An insider is a person who exploits or intends to exploit their authorized access to an organization’s assets for unauthorized purposes. It could be a full-time or part-time employee, a contractor or even a business partner. An insider could deliberately seek to join your organization to conduct an insider act or be triggered to act at some point during their employment. 

Employees may inadvertently trigger security breaches by ignoring rules or through non-compliance due to the work pressure or an oversight.

Physical access controls to VMS-systems should be in place, as should procedures for screening personnel. It is essential that all staff is trained in security measures.  A second security system securing the primary security VMS system is becoming a more relevant option as VMS systems turn increasingly business-critical.

It is important to harden all VMS systems as much as possible, by following the general guidelines as outlined by CERT and the Milestone Hardening guide

A good place to get more informed about all aspects on cyber security is the Microsoft cyber security blog.