Wed 31 Mar 2021
Why vulnerability in cyber security could be the biggest threat you face in 2021
The cyber threat is growing: security breaches have increased by 11% since 2018 and 67% since 2014 (Accenture). No organization is immune to the consequences, which range from huge ransom payouts, loss of reputation or even the complete closure of business operations.
You need to continuously assess and identify the vulnerabilities within your security system in order to work out how to combat these cyber security threats.
We have compiled a simple set of questions to get you started. For a detailed discussion of the vulnerabilities your security system faces, attend our online CPD webinar.
Question 1: How easily can a cyber security attack compromise my security system?
The harder it is for hackers to access your network devices, the more likely they will leave your security system alone.
There are now more security cameras connected to the internet, which increases vulnerability in cyber security. Poorly protected cameras devices are gateways for criminals to access an organization’s network. If you don’t see one coming, cyber security attacks are incredibly hard to stop. Early detection of a threat enables quick action against it.
Distributed Denial of Service (DDoS) attacks happen every day and are on the increase, whether you are an SME or a multinational corporation. Malicious DDoS attacks bombard your IP network with a flood of traffic, aiming to slow down or completely stop your online services - such as email and websites. Another purpose of a DDoS attack could be to distract your cyber security operations while sensitive data is being stolen or your network is infiltrated.
The financial implications of these attacks are huge, in addition to the potential loss of reputation you incur from losing sensitive information about your customers or operations. Companies report that IT services downtime costs anywhere from $300,000 to over $1,000,000 per hour.
Not all cyber attacks are caused by people wanting to do damage, others simply do it to prove a point. Recently, 150,000 security cameras were compromised at a number of high profile companies. This unsophisticated attack found a vulnerability in cyber security and they gained access to these cameras with the details of just one “super admin” account. Attempts like this could be avoided by simply changing the administrator passwords of devices when a system is installed.
It therefore goes without saying that changing the admin passwords on your security devices is a must.
Question 2: How do I know if someone has hacked my security system?
Professional hackers work hard to ensure that their efforts to identify a vulnerability in your cyber security cannot be traced. That doesn’t mean you can’t do anything about it. There are types of security management software which enable you to spot cyber security threats much more quickly, or even stop an attack altogether.
In a “honey pot” strategy, you set up one network device as a decoy to attract potential cyber security attacks. If a hacker tries to access this device, it triggers an alert in your Video Management Software (VMS) and enables your team to take action, without compromising your important cameras.
Intrusion detection software is a must for IP security systems. If you don’t know whether you have it, join our webinar to learn more about how to identify and combat cyber security threats.
Don’t forget - you’re not only contending with external hacking threats. The insider threat can be much harder to identify.
Internal attacks consist of an employee acting maliciously, on purpose or not. Possible internal cyber security threats range from deliberate theft or destruction of data, to the careless management of secure information such as admin passwords. Your security team must work to prevent and reduce the opportunity and motivation to commit such attacks.
An important step is to ensure you know who is in charge of cyber security in each of your departments, clarify who needs access to sensitive information and define who has the responsibility of educating those involved, for example through cyber security training.
Question 3: How can I better protect my security system from cyber security threats?
Industries such as casinos and events venues rely on CCTV imaging. If CCTV is unavailable, they have to shut down. This is an inconvenience and logistical headache that also has huge financial implications: every hour that a casino table is not in operation can cost thousands of dollars.
Your system’s architecture is key to this question, which refers to the layout of your network. Organizations tend to choose between two types: centralized and distributed. Both types have advantages and disadvantages for cyber security.
Centralized architecture uses a master database, usually in the central control room. IP cameras are recorded here and accessed via authorization from the central server. This can be easier to make secure because all video data is on one site, with greater control over potential cyber vulnerabilities such as internet access. However, if the central server fails, you could lose access to all your video, leaving operators helpless during critical incidents when it matters most.
On the other hand, a distributed architecture keeps your data close to where it is needed and often places NVRs at remote offices, which means you have to deploy the same level of security at multiple sites. However, the benefits can be substantial and especially relevant to the importance of cyber security. Where access to live video is critical, a distributed architecture means that even if one of your servers goes down, live camera footage can still be viewed by operators in your Video Management Software (VMS). Distributed network architecture is therefore seen as the most flexible and resilient way to build cyber security into a modern IP security system.
Vulnerabilities in cyber security are becoming more common and with increasing numbers of devices connected to the internet, and they really could be the biggest threat you face in 2021.
However, there is practical action you can take to combat this threat.