Security cameras are intended to increase safety in our communities – but they aren’t always the most secure. Many of the cameras placed in public spaces, homes, offices, and businesses are actually operating without password protection (or are still using the default password set by the manufacturer). These open security cameras are unprotected from malicious individuals and vulnerable to prying eyes. The result? As we go about our daily business, we may in effect be broadcasting our lives to the public.
People, businesses, and communities rely on cameras to increase safety and deter threats, but many would be surprised to learn that these network-connected cameras could be leaving them exposed to vulnerabilities.
Keeping default passwords can put your organization at risk.
Camera owners often unknowingly expose themselves and their businesses to prying eyes by avoiding one simple step: changing the default password on the camera.
In 2016, thousands of CCTV devices were hacked and became part of a botnet which caused massive denial-of-service (DDoS) attacks against a critical part of the infrastructure of the internet causing major internet platforms and services to become unavailable. This was the act of the Mirai Botnet and its method of infection was simply to try 60 common factory default usernames and passwords.
Most cameras come with default manufacturer passwords, which become commonly known. If you connect them to the Internet without changing the password, you could become exposed. When installing and configuring the cameras, it’s important to change the default password to something secure.
Depending on the manufacturer, some setup wizards will prompt you to change the password, but others will give you the option to skip this step entirely. Therefore, it becomes your responsibility to configure strong passwords and update them regularly.
Securing your data and video shouldn’t stop there. While changing the password is a simple way to make sure your cameras don’t become accessible by common viewing sites such as insecam.org, you still might be susceptible to unwarranted intrusion.
And at the opposite end of the spectrum are those security camera manufacturers that are known as security liabilities. Some have even been banned from being used in US government facilities complex as authorities feel that employing surveillance technology from specific Chinese manufacturers can leave a back door open to the Chinese military or government agencies.
As a result, in August 2019, all US federal government bodies were directed to remove tech from four manufacturers (Huawei and ZTE, as well as surveillance camera makers Dahua and Hikvision) that are considered too closely linked to the Chinese government.
But truly, if we all are mindful to follow appropriate protocol for secure surveillance camera implementation, these tools can give us what they were designed to: provide peace of mind.
Partnering with trusted integrators who are able to offer a wide spectrum of solutions that meet your specific needs is key to the overall success of any security platform. Clients have relied on SIGNET’s integrated security expertise since 1974.
SIGNET security expert and Vice President of Engineering Greg Hussey can be reached at firstname.lastname@example.org.