From the editor's desk: Open season on IP surveillance
April 2017, News

Who would have guessed that IP surveillance equipment would become such a player in the cybersecurity world? Never mind the Mirai botnet that made use of some sloppy coding from a Chinese manufacturer last year, many of the leading camera brands have had the displeasure of having security vulnerabilities in their kit exposed to the public.

A couple of weeks before writing this, an IPVM newsletter contained news of vulnerabilities in IP cameras from Geutebrück, Hikvision, Dahua and Siemens (which was bought by Vanderbilt in 2015). And at the same time, there was some kind of bot targeting older Hikvision equipment using the default password and locking users out of their systems (later kit forces installers to change the admin password on installation). And the latest news is there are more vulnerabilities from more manufacturers. You’d think we worked in IT.

And there are other companies that have been called out for vulnerabilities before this particular week. Then there’s the war of words between Genetec and Hikvision in which Genetec will only allow users to hook up to Hikvision cameras if they sign a waiver absolving the VMS software developer of any problems resulting from a possible back door in Hikvision’s systems. Hikvision obviously denied any back doors exist and it’s safe to say the companies are not best of pals right now – see inside for Hikvision’s response.

One may wonder why this is all happening now? It’s all to do with the Internet of Things (IoT) in which everything is connected. That sounds good, but really it’s simply the result of moving to IP surveillance. Cyber criminals, who are just criminals with a cool name, always opt for the easiest target and as the IT world makes it harder to gain access to corporate networks, so the bad guys have looked for an easier mark, which is IP equipment (as well as a host of other IoT devices which are even less secure).

It was only the paranoid who thought about hacking a network via an IP camera five years ago, but how right they were.

In this issue of the CCTV Handbook, we take a look at what is happening in the surveillance world with a particular focus on the new annoyances the industry has to deal with: cyber security and the IoT. Even if you don’t care, even if you ignore them, you can’t escape their influence.

So, no matter what camera brand you have installed, do yourself a favour and search their websites for new versions of firmware. It’s a schlep, but nowhere near as much of a schlep as explaining why your corporate network and data were so easy to compromise through your surveillance installation.

There has been so much to include in the CCTV Handbook 2017 that we couldn’t fit it all in the pages that follow. There will, therefore, be additional articles online along with the articles in the handbook as soon as the publication hits the street.

We hope you enjoy the CCTV Handbook 2017 and find something of interest on every page. Your comments, criticisms and suggestions are always welcome. Please send them to andrew@technews.co.za

Andrew Seldon

Editor