printer friendly version

From the Editor's desk: No really, take it seriously

Cybersecurity is a topic that has been done to death in the media. The blanket coverage has been so great that people, even the few that realised the danger, have started to gloss over the issue, barely pausing to read the gossip of who got hacked and what they lost.

In the physical security industry, and Hi-Tech Security Solutions in particular, we have been talking about cybersecurity for a long time, both as a general topic and focusing more on the risks the physical security market faces. In May this year we ran an article in which Vivotek announced it had teamed up with Trend Micro to include cybersecurity for its surveillance products (the article is at www.securitysa.com/62747n).

Some of the more cynical readers may have thought this was just another marketing stunt designed to get some attention. It wasn’t. Trend Micro recently released a report stating that, following the Vivotek partnership, it has blocked five million attempted cyberattacks against IP cameras in just five months. These results were aggregated from 7000 IP cameras. (You can find the article at <a href=http://www.securitysa.com/*trend1 target=”_blank”> www.securitysa.com/*trend1</a>, redirects to ( https://newsroom.trendmicro.com/press-release/company-milestones/trend-micro-software-strengthens-security-cameras-blocking-5-millio).

Mirai and its variants are one (only one, but perhaps the most famous malware in this segment) of the malware groups being used for attacks, with the report showing 75% of these attacks “were brute force login attempts” that “opens the door for further system exploitation”. If you thought cybersecurity vulnerabilities were only an IT problem, this article will change your mind.

Fortunately, these two companies are not the only ones aware of this type of threat. A consulting engineer who was active in the security field in South Africa for many years before moving to the UK a year or so ago, told me he is now involved with a company looking at establishing standards (in the ‘secure by design’ mould) that would see security being built into devices like cameras from the initial manufacturing stage. Not simply adding security ‘stuff’ as an afterthought, security would be top of mind throughout the design and manufacturing processes to ensure the most secure device possible eventually hits the market.

Of course the software running on the hardware would also need security standards and we have and are seeing, many security manufacturers incorporating the secure by design philosophy into their own equipment, both hardware and software. While this is to be lauded, perhaps the industry should get together to devise some global security standards on top of which individual companies can add value with their own products and services.

Fortunately this is already happening with SAST (Safety and Security Things) and the OSSA (Open Security & Safety Alliance). We will be covering these two organisations and their goals in the CCTV Handbook 2019, coming out in a couple of months.

And on the topic of the CCTV Handbook, if you have surveillance ideas or implementations you think are worth talking about, feel free to let me know at [email protected].

Andrew Seldon.

Share this article:

Further reading: