Halt, who goes there?

March 2019 Editor's Choice, Cyber Security

This way of thinking may have been relevant many years ago, but times and technology have changed in leaps and bounds and the two separate species have been forced to morph into a new hybrid, ‘FrankenSecurity’ for lack of a better word.

Craig Rosewarne.
Craig Rosewarne.

This way of thinking may have been relevant many years ago, but times and technology have changed in leaps and bounds and the two separate species have been forced to morph into a new hybrid, ‘FrankenSecurity’ for lack of a better word.

Physical security is a critical factor in an organisation’s defences, especially smaller businesses that do not have the vast resources to devote to personnel and equipment. IoT (Internet of Things) devices have stepped into the gap to assist in securing physical security. However, they bring with them their own inherent dangers. As devices become cheaper and more available, suppliers are rushing them into the market place without fully ascertaining any flaws that could be available to hackers and intruders.

Any Internet connected device is a potential point of entry into your organisation’s most valuable asset, data. CCTV cameras are invaluable in monitoring human traffic to restricted areas and are vital in providing forensic evidence during and after an incident where security has been breached. Security surveillance cameras have been used for many years, and early models are particularly vulnerable to a hacking attack. In many cases they are well over their end-of-life phase and there are no patches or updates available to keep them operating reliably.

Securing all entry points is not as simple as it sounds. It would take vast amounts of human resources to achieve this and, as we know, humans are also fallible. Security gates and doors requiring access cards and the like go a long way in alleviating the risk of unwanted guests. Biometrics add an additional layer of protection in protecting your company’s assets.

Again, however, all these devices being wireless and Internet based are vulnerable to attack. When one considers that a motor vehicle can be hacked and taken control of, simple IoT devices are a walk in the park.

An organisation’s sever room is the mind, heart and soul of the business and needs to be especially well protected both physically and using the best cyber defences. Here again, security gates requiring access cards and/or biometrics, CCTV cameras and alarms are crucial in protecting the ‘Crown Jewels’. Access needs to be severely curtailed to only those personnel vital to maintain the system. However, all personnel need to be trained in security awareness and foster an awareness of both physical and cybersecurity.

It’s all at risk

So what is at risk in a modern business complex? Well, basically everything. An innocent looking thermostat in a casino fish tank was recently hacked and access was gained into the system. As we seek to make our lives and running a business easier, people are turning to the Internet to take over many mundane functions.

A building relies on its HVAC (heating, ventilating, air conditioning) to keep its workers climatically comfortable. Most are connected wirelessly to a central control panel. Ditto with all video surveillance feeds. Even the humble irrigation and sprinkler systems pose a risk to an organisation from those seeking to gain access into the heart of the company or simply to make life unpleasant for those working there. Unfortunately there are very few standards that these devices are required to meet, making hackers lives a lot easier.

The convergence of physical and cyber- security has been around for a while now since the first attacks started. However, according to Scott Borg, director of the U.S. Cyber Consequences Unit: “As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one. The convergence of cyber and physical security has already occurred at the technical level. It is long overdue at the organisational level.” (http://fedtechmagazine.com/article.asp?item_id=512)

• The lack of a comprehensive fusion of both systems can lead to many challenges for businesses and organisations.

• Tampering with systems is more difficult to detect due to the lack of adequate physical and logical devices.

• There is a noticeable increase in the threat of theft of both financial and information assets.

• No single system is available to identify a person’s true identity.

• There is a lack of best practices applied to IT management and physical security devices.

The next time you are attending a company meeting, think of who else could be attending in abstentia and happily gathering future prospects, intellectual property and other company secrets. Your voice, video and data transmissions are not secure! It is estimated that there will be 22 billion IoT devices connected to the Internet by 2020.

Yes, that’s next year folks.

For more information contact Wolfpack Information Risk, +27 11 794 7322, info@wolfpackrisk.com, www.wolfpackrisk.com



Credit(s)





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

2020 Residential Estate Security Conference in KZN
October 2019, Technews Publishing , News, Residential Estate (Industry)
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

Read more...
Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky Lab , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Read more...
From the editor's desk: More things change
CCTV Handbook 2019, Technews Publishing , News
Welcome to the CCTV Handbook 2019. This year’s handbook breaks a long tradition of publishing the handbook in the first half of the year by releasing it along with the October issue of Hi-Tech Security ...

Read more...
A platform approach to innovation and value
CCTV Handbook 2019, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure
Moving to the platform model of doing business holds tremendous advantages for end users and smaller developers, but also for the whole technology supply chain.

Read more...
Open does not always mean easy integration
CCTV Handbook 2019, VERACITECH, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Customers who opt for best-of-breed solutions will have to rely on their integrators to develop customised integrated solutions for them.

Read more...
The impact of AI on the surveillance industry
CCTV Handbook 2019, G4S South Africa, Hikvision South Africa, Myertal Tactical Security, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring
What the impact of AI will be on companies, the services and solutions they supply, as well as on the jobs people do.

Read more...
Video analytics and AI
CCTV Handbook 2019, Axis Communications SA, Dallmeier Electronic Southern Africa , Hikvision South Africa, Technews Publishing, Dahua Technology South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Artificial intelligence has the potential to deliver real benefits in the world of video analytics and many companies are already delivering customer benefits.

Read more...
Cloudy with a chance of AI
CCTV Handbook 2019 , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
One local company has developed an AI solution that can be added to existing surveillance installations, offering 24-hour intelligence.

Read more...
Integration insights
CCTV Handbook 2019, Gijima Electronic and Security Systems (GESS), Technews Publishing, neaMetrics , Integrated Solutions
The security industry would be a vastly different place if installers and integrators were not able to make a range of different products work together.

Read more...
Taking analogue to HD
CCTV Handbook 2019, Dahua Technology South Africa, Technews Publishing, Hikvision South Africa , CCTV, Surveillance & Remote Monitoring
Hi-Tech Security Solutions spoke to two companies that are driving the two primary analogue HD technologies.

Read more...