Cybersecurity: how secure is your security?
Firas Jadalla, regional director for META region at Genetec, explores the risks of unsecured physical security devices
IP security cameras and other security devices are by their very nature connected to the internet. That's what lets users access them remotely to check in on their business, and what lets manufacturers update device software without having to make a house call. But this feature can also be their Achilles’ heel. When not secured properly, any camera or access control device in the so-called Internet of Things (IoT) can be accessed remotely by just about anyone, not just those with whom you want to share access. Similarly, unencrypted communications between a server and client application, or out-of-date firmware can all be exploited by cybercriminals, potentially putting an entire organisation’s network at risk.
And that’s a big problem for the physical security industry.
According to Gartner, by 2020 more than 25% of cyberattacks in enterprises will involve IoT devices. And yes, that includes the very devices that are supposed to help keep us safe. More than 60% of cyberattacks are currently on small to medium-sized businesses and small businesses are particularly vulnerable to these threats. Sixty percent of small companies are unable to sustain their business beyond six months following a major cyberattack.
Attacks on large businesses are also enormously expensive. According to a 2018 study by IBM and the Ponemon Institute, the average data breach costs companies $3.86 million and large-scale breaches can surpass $350 million.
You simply cannot afford to take any risks when it comes to protecting your physical security system against cyberthreats. The good news is you have help in the fight. Reputable physical security manufacturers and software developers have established a multitude of ways to protect against cyberthreats. And those that are most trusted don’t just stop there. They literally “attack” themselves in an effort to determine if their products really provide the protection they say they do. Another key partner that can help you protect against cyberthreats: trusted systems integrators who are in the field recommending and installing these physical security solutions.
How do cybercriminals gain access to a security system?
A poorly secured camera, unencrypted communications between a server and client application, or out-of-date firmware can all easily be exploited by cybercriminals. Ransomware attacks are particularly costly, and have been known to target systems running common, but outdated software.
All too often, people are the weakest link when it comes to cybersecurity breaches. Employees not changing default passwords on IoT devices is an easy way for opportunistic cybercriminals to gain access to your system. Brute force attacks consist of criminals guessing passwords, packet sniffing captures network traffic, and man-in-the-middle attacks eavesdrop on communications between two systems, using the gained information to their advantage.
Most physical security systems are a work in progress with new devices being added to expand the system or to replace outdated or broken products. The process of adding new equipment – perhaps from a different manufacturer with less secure standards – is another opportunity for a vulnerability.
Emboldened cybercriminals may have increased the scope of their attacks, but that doesn’t mean you are defenceless against cyberattacks.
What elements must a cybersecurity platform have?
One of the most important ways to combat cyberthreats is with a plan. Companies must develop training and educate their workforce as to the importance of best practices and the diligence in adhering to company policy. Choosing a systems integrator that recommends only the most trusted manufacturers and emphasises the importance of cybersecurity is a good start. Together, you’ll need to develop a solution that implements multiple layers of cybersecurity including encryption, authentication, and authorisation to your critical business and security systems.
Encryption is the process through which data is encoded so that it remains hidden from or inaccessible to unauthorised users. It helps protect private information, sensitive data, and can enhance the security of communication between client apps and servers. When your data is encrypted, even if an unauthorised person, entity, or cybercriminal gains access to it, they will not be able to read or understand it.
Authentication is the process of first determining if an entity-user, server, or client app is who or what they claim to be, followed by verification of if and how that entity should access a system. Depending on the setup, authentication can occur on either the client-side or server-side, or at both ends. Client-side authentication uses username and password combinations, tokens, and other techniques while server-side authentication uses certificates to identify trusted third parties. Two-factor authentication refers to two forms of authentication used in combination. Authentication is an important tool for keeping your data from getting into the wrong hands. It prevents unauthorised access and ensures that your security personnel are, in fact, the ones accessing your system when they log in. This means hackers can’t pretend to be a security server in order to take control of, manipulate, or copy your valuable and sensitive data.
Authorisation is the function that enables security system administrators to specify user or operator access rights and privileges. Administrators restrict the scope of activity on a system by giving access rights to groups of individuals for resources, data, or applications and defining what users can do with these resources. When administrators manage what their personnel can see and do, they are ensuring the security of the data transmitted and stored within the security system. This is a key way to increase the security of the system as a whole, as well as enhance the security of the other systems connected to it.
Cybersecurity is becoming one of the top business risks for organisations of all sizes. Everyone has a role in protecting your physical security system from cyberattacks. Be sure to choose trusted vendors who use multiple layers of defence such as encryption, authentication, and authorisation, as well as penetration testing. Only work with systems integrators who are committed to providing continuous protection against cyberthreats. The success of your business may depend on it.