Your IP camera is a computer

November 2015 News

It’s a sad fact that in the security industry, cost more often than not clinches the deal. This is not always the case as there are some people out there buying security because they know what they want to get out of it, but in many cases it is still a grudge purchase and the cheapest offer wins – or the guy who knows the guy and/or sweetens the deal, wins.

A couple of decades ago this may have been acceptable, but not today. In a world where everything is connected, you can’t leave vulnerabilities open to exploitation because they will be exploited. Take the example of Hikvision a few months ago when its cameras were used to compromise a network. The issue was publicised and Hikvision’s name was associated with the breach, but in the end it was not the camera manufacturer’s fault.

In this particular instance, the installer hadn’t bothered to change the default password on the IP cameras, allowing hackers to easily access the cameras and then the network. Hikvision has since said it is updating its firmware to ensure that installers have to change the password when installing a camera. Unfortunately this won’t help unless the installer uses a decent password and not “password” for every camera. And that won’t happen unless the customer insists on strong passwords and actually manages the process to ensure it’s done.

Another more recent example comes from Israel where researchers found malware had been installed on a mall’s cameras – again the default passwords were left in place by an irresponsible installer – and the cameras were used to launch a denial of service attack. The attack was launching about 20 000 requests per second from around 900 IP cameras in this particular mall and other cameras around the world – a global CCTV attack. (You can see more at, short URL:

Identity and access

And on the subject of access and identity, our Access & Identity Management Handbook 2016 is being posted at the same time as the November issue, so make sure you get yours. It has 144 pages of information, trends and products to ensure you get a head start on access control in 2016. As always comments are welcome at

Andrew Seldon



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

TAPA: The role of an effective treasury function in business risk management
June 2019, Technews Publishing , News
Neil Le Roux, the Founder of Diligent Advisors will speak at the TAPA SA (Transported Asset Protection Association) annual conference on 26 July 2019.

Platforms are us
September 2019, Technews Publishing , News
A conversation I had at the recent Residential Estate Security Conference Hi-Tech Security Solutions hosted in August (which will be reviewed in the October issue) got me to thinking about the security ...

TAPA conference 2019 explores layered approach to security
September 2019, Technews Publishing, TAPA (Transported Asset Protection Association) , News, Transport (Industry)
The Transported Asset Protection Association (TAPA) held its annual South African conference at Emperors Palace in Johannesburg on 26 July 2019.

Hennie Lategan joins Centurion as head of exports
September 2019, Centurion Systems , News, Access Control & Identity Management
Centurion Systems has announced the appointment of Hennie Lategan as the head of the company’s exports department.

New Africa sales manager for Axis Communications
September 2019, Axis Communications SA , News, CCTV, Surveillance & Remote Monitoring
Axis Communications has appointed Brendon Hall, previously the founder and MD of Pentagon, as its new sales manager, Africa.

Check Point appoints new regional director for Africa
September 2019 , News, Cyber Security
Check Point Software Technologies has appointed Pankaj Bhula as regional director for Africa.

ISO standard for protecting personal data
September 2019 , News, Cyber Security
Tackling privacy information management head on: first ISO standard for protecting personal data has been published.

Hikvision helps secure African Union Summit
September 2019, Hikvision South Africa , News, CCTV, Surveillance & Remote Monitoring
Hikvision established a complete intelligent video solution to ensure the security of the thirty-third African Union (AU) Summit held on 7 July in Niamey, the capital of Niger.

The hunt for the Carbanak group
September 2019 , Editor's Choice, Cyber Security, News
Tomorrow Unlocked has released a free four-part documentary that tells the story of the notorious Carbanak APT group and its $1 billion bank heist.

Rockwell Automation a founding member of ISA Global Cybersecurity Alliance
September 2019 , News, Industrial (Industry)
To better secure today’s complex and often vulnerable production operations, the ISA Global Cybersecurity Alliance recently announced Rockwell Automation as a founding member.