A closer look at physical security system vulnerabilities

In our last post, we spoke about the Security-of-Security. Specifically, we raised questions about the kind of information contained in your IP physical security system, how that data is protected, and what that information allows people to do.

You may have started looking at what could happen if the data in your system ended up in the wrong hands, and maybe you're now wondering how it might get there and what you can do to prevent that from happening.

How can hackers access unprotected or inadequately protected security systems?

With greater connectivity over the Internet and multi-organizational access to security systems stemming from increased public-private cooperation, IP physical security systems can be just as vulnerable to attacks as other business systems. 

As with any software solution that resides on a network, IP security systems and edge devices alike are susceptible to a variety of attacks.

Hacking an IP security system can take multiple forms. 

Brute-force attacks

Some are quite basic; for example, in a brute-force attack, a hacker simply "guesses" at passwords. Given that most users choose easy to remember passwords, many of them can be guessed or cracked by a simple algorithm. But choosing more complex passwords isn't always the best solution as they can be easily forgotten. The result can lead to the ideal conditions for a successful brute-force attack. 

In addition, even while you mitigate such attacks by implementing safeguards against what is essentially basic human nature, there are other types of cyberattacks against security systems that focus on communications and stored data.

Genetec - Troy Hunt

Man-in-the-middle attacks

With a packet-sniffer, a hacker can capture data packets that can be used to obtain passwords or other sensitive data, like video content, in-transit over a network.

A man-in-the-middle attack can happen when a user gets between a sender and a receiver and sniffs information. Often times, the hacker "listens" until the client sends a user name and password to the server, which gives the hacker the credentials necessary to access the system.   

In addition, after reading and potentially altering the data, the man-in-the-middle attacker can then send it along without the receiver having any knowledge that the exchange is not secure. Since neither the sender nor the receiver is aware that this has occurred, they have no way of knowing that their data has been tampered with or corrupted.   

So what can you do to prevent cyber attacks?   

Up next, we're going to look at encryption, a key component in keeping your data and your whole system private and secure.

 

 

 

Previous Article
Q&A with cybersecurity expert Hart Brown to discuss cyber liability insurance
Q&A with cybersecurity expert Hart Brown to discuss cyber liability insurance

Hart Brown, cybersecurity expert from Firestorm Solutions discusses cyber liability insurance

Next Article
A guide to hardening your Security Center system
A guide to hardening your Security Center system

Consult our hardening guide for tips and tricks on how to better secure your Genetec Security Center system.