Nearly every day, another data breach or ransomware attack is reported in the public sector. Any government agency is susceptible to a disruptive and costly cyber-attack.
Today, it’s critical to understand the cybersecurity dangers that physical security devices like cameras, door controllers, and monitoring systems might provide. During the COVID-19 epidemic, this danger has grown due to the increased use of these devices.
An overlooked avenue for cyber-attacks
A common but incorrect belief is that physical security devices can only be used to make limited threats. Recognised dangers, for example, generally include the capacity to remotely halt a camera’s video stream, unlock or lock a door, or damage essential building systems. Concerns about the threats to people’s physical safety will almost certainly stimulate interest in employing technology to counteract them.
However, most cyber-attacks are not meant to jeopardise people or properties’ physical safety. Instead, these attacks target IT-managed apps, files, and data. An attack on a camera can spread throughout the network, preventing access to vital programs, locking and holding files for ransom, and stealing personal information from employees, students, program clients, and residents.
According to Genetec’s research, roughly seven out of ten cameras had out-of-date firmware, which might be exploited. Morgan Wright, a Senior Fellow at the Center for Digital Government (CDG), believes that security cameras and access control systems should be considered essential network devices. “In terms of operations and cybersecurity, they require a high level of protection and monitoring.”
As two issues become more apparent and compelling, this viewpoint is gaining traction within IT organisations. First, network attacks from internet-connected security cameras and door controls are becoming more common. Cyber-attackers frequently use these devices to gain easy network access, and IT has limited visibility until after the fact. Second, the increasing number and disruption of cyber-attacks raise the risk level of every network-connected device that isn’t adequately secured.
Cybersecurity risks in physical security systemsÂ
Many public-sector buildings still utilise outdated security cameras and door controls, upgrading them only when necessary or when their capital costs have been entirely amortised.
However, owing to their inadequate security capabilities, older gadgets, particularly cameras, frequently pose considerable cyber danger. Several variables contribute to the ease with which cameras can be hacked.
An outdated network design. Previously, the physical security business was not required to keep a strong focus on cybersecurity, resulting in a gap in feature and technology integration. These devices were usually connected in a closed network, not representing the varied and more significant security requirements of internet, WiFi, or cellular connections.
Inadequate maintenance. Physical security management may not usually include basic cybersecurity protocols and best practices, such as regular password updates. Moreover, many older physical security devices no longer receive firmware updates from the vendor.
There is a knowledge gap. Physical security system installers and managers may have retired or departed the agency, leaving a knowledge gap about devices, configurations, and upkeep.
Vulnerable devices. Many cameras made by specific manufacturers have been discovered as posing a significant cyber risk. Some countries throughout the world have already prohibited the use of specific vendor products, citing ethical concerns and potential trust and security flaws.
Another, albeit more significant, step to take is to bring physical security and cybersecurity together into a single team with integrated operations.
Improving the cybersecurity of physical securityÂ
An integrated security team may thoroughly analyse needed cybersecurity enhancements for physical security devices and systems.
Several main areas of attention should be included in this review:
Enhance security surveillance. Ensure that the IT tools for network and security management monitor and manage any network-connected physical security devices. Examine the video management system (VMS) and access control system (ACS) for features that offer alarms or data used by IT’s network and security monitoring tools.
Protective measures should be strengthened. Look for ways to improve existing physical security device setups and administration techniques, such as:
- Using secure protocols for connecting the device to the agency network
- Disabling access methods that support a low level of security protection
- Verifying configurations of security features and alerts
- Replacing defaults with new passwords that are changed on a regular and verified schedule
Implement encryption. End-to-end encryption ensures that video streams and data are protected as they go from a physical security device to a management system for viewing. Also, ensure that these files and data are encrypted while in storage.
Enhance access defences. Using a layered strategy that incorporates multifactor access authentication and established user authorisations, you may improve the security of user and device access.
Improve update management. Installing software updates and patches is one management job that can be ignored when teams are split up. Define who is responsible for keeping track of when updates are available once the teams have been formed. After that, decide who is in charge of evaluating, deploying, and documenting updates on all eligible devices and systems.
Genetec: Traditional access control systems leave door open to cyber-attacks
Legacy devices, especially cameras, present a significant cyber risk because of their limited security capabilities. This risk may be a consideration behind the plans of many governments to upgrade their fixed surveillance systems in the near term. Today, hackers know that certain cameras are easy to take over and used as an entry point to the connected network. By understanding that physical and cyber domains are closely tied, governments can implement new technologies, new staff roles, and new practices to strengthen security overall.
