To understand the scale of today’s cybersecurity threats, consider this: as of August 2024, there have been over 52,000 published Common Vulnerabilities and Exposures (CVEs). This marks a significant increase, with vulnerabilities growing 30% over last year’s total. The reasons for this spike are diverse:
Watch as David Brent of Bosch Security and Safety Systems provides an update on the state of cybersecurity in security today and the measures Bosch is taking to stay ahead of the threats when he presented his Spotlight on Technology session at the 2024 Security Technology Forum >>
Surveillance systems have evolved to counter these growing threats. Let’s break down some key strategies:
Internal and External Testing: Reputable manufacturers, such as Bosch, regularly test their products through "pen testing" to find and address vulnerabilities before hackers do.
Secure Firmware and Hardware Design: Surveillance devices now come with secure firmware (software within the hardware) to prevent unauthorized access. For instance, Bosch's cameras are designed with crypto coprocessors, which are similar to tiny secure “printing presses.” These chips help create unique digital certificates that ensure only authorized data can be processed by the camera.
Elimination of Weak Links: Older equipment may only support outdated protocols like SSL and early versions of TLS, which are now considered vulnerable. Modern systems must support the latest standards like TLS 1.2 or 1.3, which are essential for encrypted, secure communication.
Advanced Certificates and Encrypted Communication: Surveillance cameras and systems are increasingly using high-level encryption through certificates, making it much harder for hackers to break in.
Advanced AI techniques, like generative adversarial networks (GANs), enable bad actors to create realistic deep fakes and misinformation. These can be used to manipulate or impersonate surveillance video, posing a potential security risk.
Supply chain attacks occur when hackers infiltrate a company's software or hardware at some point during production or delivery. For instance, if a camera component is compromised before installation, it could potentially be used as a launchpad for future attacks. To mitigate this, manufacturers are implementing security protocols that ensure a product’s integrity from factory to end-user.
Each Bosch camera is fitted with a unique, tamper-proof root certificate that verifies the device as authentic and connects securely to its intended network. This certificate-based system is effective in cloud-based environments and greatly reduces the chances of a supply chain attack.
Modern Video Management Systems (VMS), like Bosch Video Management System (BVMS), offer built-in end-to-end security. This means all data from cameras to servers and from servers to client software is encrypted. BVMS requires certificates for authentication, creating a secure network that is less vulnerable to unauthorized access.
Stealth Mode: Newer cameras can enter a "stealth mode" where they become invisible to network scans and pings, making them harder for hackers to detect.
User Interface (UI) Disabled: Cameras can now completely disable their web interfaces, effectively turning them into a data-only device with no web-based access points that could otherwise be exploited.
Multicast and Encrypted Streaming: Modern cameras support both TCP and UDP video encryption, securing the video feed with AES encryption, even during multicast streaming.
Login Firewall: Cameras also feature login firewalls that protect against brute-force attacks by temporarily blacklisting IP addresses after multiple failed login attempts.
Secure Firmware Updates: Firmware updates are signed and encrypted to ensure only legitimate updates are loaded onto cameras, reducing the risk of an attacker installing malicious software.
A significant aspect of securing any video surveillance system is maintaining updated software and firmware. Given the thousands of vulnerabilities discovered each year, the importance of applying the latest updates and patches to devices cannot be overstated. Not only do updates fix security flaws, but they often introduce new features and improvements that further bolster system resilience.
As technology advances, so do the techniques used by cybercriminals to breach security. With the thin line between the secure and vulnerable always at risk of being crossed, maintaining vigilance and using the latest security features is key. For end-users of video surveillance systems, it's essential to be aware of potential threats and prioritize security updates and configurations. By doing so, you’re not just protecting data—you’re also preserving the trustworthiness of your security infrastructure.
Learn more about cybersecurity for security systems here >>
Contact us for system design assistance >>