Camone makes the following commitments: We support and adhere to internationally recognized cybersecurity standards and best practices; we support research efforts to increase network defense capabilities; we continue to improve and use open and transparent methods so that users can assess Camone's cybersecurity capabilities.
CCTV has become an essential part of crime prevention and security measures. Government, private firms, houses every place is monitored using CCTV. CCTV captures the video and transfers them to the monitoring-recording device where they can be watched or stored. Depending upon the need there are various types of CCTV cameras. They are available based on quality, types of images, types of transmission, movement of the camera.
With the increased use of internet security cameras are becoming internet-connected. Various devices around us are now working on “IoT” or Internet of Things. Depending on the type of CCTV they can be connected to the internet by multiple ways like cloud-managed surveillance systems or the traditional DVR/VMS/NVRs connected to the internet. The traditional CCTV storage systems are connected to the internet for remote video access or support and maintenance. The person sitting in Delhi can view the CCTV camera installed in Kerala. Internet-connected security camera has various cybersecurity threats.
This may look very obvious but this is a security measure which needs to be discussed. People often use easy-to-hack passwords. Users use passwords such as 123456, qwerty, abc123, etc. The cameras come with a default username and password which are published on the internet. Some users don't change the password and leave the same with default passwords. So, if the hackers get the network access then using the GUI he can guess the password. It is just like putting a lock on your door whose keys are available with everyone.
It is always advised to keep a unique and long password for each camera. The password should be non-obvious. If the cameras are on a VLAN or Physical private network you can use the same password for all the cameras but the password should be strong.
Everyone now excepts video access from remote mobile devices. This feature needs the DVR/NVR/VMS connected to the internet. If the server is HTTP then it is extremely dangerous. It is very easy to exploit and unsecure server. It is advised that you use HTTPS servers if you want to do “port forwarding”. Cloud-based systems do not have port forwarding, so no such vulnerability exists in that system.
When these CCTV storage devices are connected to the internet for remote access they need to have a firewall for protection. Firewalls analyze and verify that protocols that are going over the port.A modern firewall should be configured by a security expert. Firewall configuration should be documented. The configuration should be monitored and the necessary changes to be done whenever required.
The video is stored on the disk and is transmitted to various devices when a request occurs. The video if not encrypted can cause security risks. The hacker can steal the video and can edit or view the same. The video should always be encrypted, both when it is in transit and when it is stored.
Hacking of data does not happen only by online means but the intruder can also try to hack into onsite physical equipment. The room where DVR/NVR/VSS, switches and video storage servers are located need to be secure and accessible by only authorized personnel. Proper security rules should be followed to keep physical access safe and secure.