People, businesses and communities rely on cameras to increase safety and deter threats, but many would be surprised to learn that these network-connected cameras could be leaving them exposed to vulnerabilities. In a recent report, Protection1 estimated that there are between 5.42 and 7.79 unsecured cameras per 100,000 people in the States of North Dakota, District of Columbia, and Montana alone. (See the full report for the top states and cities within unsecured cameras in the United States). The same report concluded that 42% of cameras come from public spaces, 27% of unsecured cameras broadcast from businesses and retailers, and another 15% came from the homes of Americans.
As scary as these statistics might seem, the owners of these cameras left themselves and their businesses vulnerable to prying eyes by avoiding one simple step: changing the default password on the camera.
Most cameras come with default manufacturer passwords, which become commonly known. If you connect them to the network or access them from the internet without changing the password, you could become exposed. When installing and configuring the cameras, it’s important to change the default password to something secure. Depending on the manufacturer, some setup wizards will prompt you to change the password, but most will give you the option to skip the step entirely. Therefore, it becomes your responsibility to implement new passwords, and update them regularly.
Securing your data and video shouldn’t stop there. While changing the password is a simple way to make sure your cameras don’t become accessible by common viewing sites such as insecam.org, you still might be susceptible to unwarranted intrusion. Last month, thousands of CCTV devices were hacked in a denial-of-service (DDoS) attack against online retailers and their customers. It’s a more complex vulnerability, but an article from Computer World titled ‘Thousands of hacked CCTV devices used in DDoS attacks’ suggests that the devices’ basic settings left its clients vulnerable.
Download Hardening Guides to Reinforce Logical Security
Leading device manufacturers such as Axis Communications and Bosch take device security very seriously, and offer clients hardening guides which outline best practices for securing your cameras. In the hardening guides below, you can follow simple steps to handle anything from resetting root passwords, adjusting network settings to filtering IP addresses and more.
At Genetec, we also offer our customers a hardening guide with basic and advanced-level security features which can be configured to help reinforce your logical security. If you’re interested in learning about other aspects which can help you secure your IP security system, including communications, servers, and data, read the Security-of-Security blog series:
- How Secure Is Your Physical Security System?
- A Closer Look at Physical Security System Vulnerabilities
- What Is Encryption and How Important Is It?
- How Does Authentication Work
- A Closer Look at Authorization
- What We Know About the Security of Our Security