Hackers often seek the lowest cost opportunity with the greatest chance of success.
Dodds points out that certain breaches, like the one Verkada suffered in 2021, underscore how simple it can be to exploit improperly configured devices. “In this particular case, hackers gained unauthorised access to the company’s systems using publicly available administrative credentials, which were likely weak or reused passwords,” notes Dodds.
This example illustrates the critical need for strong password policies and proper configuration of security devices. Weak or reused passwords can provide an easy entry point for hackers, leading to significant security breaches.
Addressing the CCTV blind spot
Despite video surveillance cameras and other IoT devices accounting for just 1.2% of all devices, they are responsible for 24% of malicious activity.
Dodds emphasises the need for collaboration between IT security teams and physical security functions.
“To counter the threat, physical security professionals must proactively partner with their counterparts in information security to better understand the true limits of the security perimeter and work to develop strong governance and processes to avoid or mitigate cyberattacks,” Dodds advises.
This collaboration is crucial for a comprehensive security posture. IT teams should also be wary of high-risk security camera vendors, particularly those subject to restrictions in the USA but widely deployed in Europe. Dodds suggests treating these vendors “like digital asbestos” and having a plan to address their presence in the business.
Key steps to securing
There is no single solution to securing video surveillance cameras and other IoT devices, but several controls can be implemented.
Dodds recommends ensuring cameras are running on the latest firmware and that security updates are regularly applied.
“This is a rudimentary aspect of good cyber hygiene,” Dodds states.
Regular updates and firmware management are fundamental to maintaining the security of these devices. By keeping software up to date, companies can protect against known vulnerabilities and reduce the risk of cyberattacks.
The security of video surveillance cameras and other IoT devices is a critical aspect of a company’s overall cybersecurity strategy.
By understanding the vulnerabilities, methods of attack, and necessary protective measures, businesses can better safeguard their assets and data.
As Dodds highlights, a proactive and collaborative approach between physical and information security teams is essential for mitigating the risks associated with these devices.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series – Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand
This post was originally published on the 3rd party site mentioned in the title of this this site