How hosted video surveillance can deal with cyber attacks

14 Mar 2017

The Internet of Things is here. In this new super connected era, we will leave our Smart Homes and travel on Smart Transport within Smart Cities. Countries are pouring money into this recipe for intelligent and improved systems, and for a while it could do no wrong. That is, until now.

2017 has seen the biggest cyber attacks ever, with major firms in the US and Europe like Twitter and The New York Times slowed or taken offline. These so-called distributed denial of service (DDoS) attacks involved tens of thousands of internet-connected devices, including unsecure routers, DVR machines, and digital video cameras. It’s believed that in some of the attacks, Mirai malware encoded with a list of default passwords searched online for “passive” internet-connected devices such as routers and cameras, which it then tried to take over.

While having a camera connected to a network is a chance for companies to improve surveillance and get exclusive qualitative and quantitative data for business use, unprotected cameras are also open to being hijacked and used for malicious purposes. They are often combined with ageing technologies that the industry is slow to update, such as password security.

Security firm Morphean is a European leader in video surveillance security used by retailers, government, alarm and transport organisations. Its VSaaS video management system tackles the problem head on. This, in response to a paradigm shift to a service model where security of a system is completely managed by a company’s service provider as part of their subscription.

Security experts say almost all breaches and intrusions are due to failures caused by people and poorly configured systems, together with a lack of maintenance. “A malicious user will always start his attack from the easiest and least demanding point, namely the users, and then attack the whole system at a later stage,” writes Axis Communications, a world leader in network and security cameras, and Morphean’s partner in the Video Surveillance as a Service (VSaaS) system.

In this sense, choosing Security as a Service prevents thousands of human mistakes and ensures all the necessary steps to avoid attacks are fully and comprehensively implemented, taking the latest security facts, events and developments into consideration. Also, VSaaS solutions enable the mass deployment of firmware centrally in order to patch security vulnerabilities.

With the Morphean VSaaS solution, the password of an administrative user on the IP camera is automatically changed more than once an hour. The device is managed over the VSaaS server, and there is no additional infrastructure needed for a company network. Customers also get the latest software updates, which are centrally managed.

This level of security is standard in Morphean products and applied to every connected camera the firm manages.

Managing security is a challenging job that requires demanding competencies. Such expertise is very difficult to develop in companies outside of their core business. It costs a lot in terms of administration, operations, IT resources but can nevertheless open the door to unscrupulous attacks. While the IP connected cameras offer both opportunities and new concerns at the same time, VSaaS offers the means to better and cost-effectively manage them.