Security Cameras: Risk or Reward? 

Last week we shared the recent SD&I cover story about a potential ransomware attack on a security system.  If you missed it, you can read it here.

This brought on a number of questions about the safety of using security cameras in businesses and homes. One we often hear is:

“Can hackers watch me through my cameras?”

We always reply with, “Maybe, that’s why you should always be smiling!” We say that half-jokingly because the reality is, it’s certainly possible. More often though, hackers aren’t looking at you, they’re looking at your information. Their goal is to leverage your camera as an access point to move in and around your network or further enhance an attack.

Just like any technology, you can’t put all products and manufacturers in the same basket. In the case of security cameras, everyone builds their devices differently with varying degrees of security baked in. Historically, camera manufacturers have had to minimize investment in building strong security features due to cost restrictions. And, let’s be honest, it might just help to maximize profit.

In a recent example, F-Secure noted that Foscam IP cameras may have significant risks. 18 vulnerabilities in total, some of which may allow an attacker to view live video and control the cameras. If you have these cameras in your business or home, you might want to read the story. While we can’t verify everything is patched up, the good news is Foscam has released a statement indicating new firmware is available.

That brings me to my next point: Just like computers, IP security camera systems have specific software and firmware installed on them that absolutely require updating.

Luckily, for your computer, when a new update is released, your system will usually automatically update or notify you and fix the security vulnerabilities. Or you’ll hear from someone in IT. And as long as you put the updates through and reboot your computer, you should be in a safer place.

Your camera system is a different story.

When an update is released by the manufacturer to fix a security problem on a camera system, it isn’t so easy:

  • First, most end users simply aren’t notified.
  • Second, if your system is on-premise (local), usually updates to devices and software are not done automatically.
  • Third, updates and patches can be tricky as they may end up causing conflicts to your camera software, and, most of the time need to be completed by a trained professional.

If you’ve hired a professional to install your camera system, ensure they don’t use default passwords. Also, see if they have a program where they’ll perform ongoing security updates for you to help keep your systems secure.

If you’ve completed a DIY (Do-IT-Yourself) camera installation, then you owe it to yourself to research new updates/patches and apply them to your system. And please change the default login and password to something strong!

Testing your network for holes and vulnerabilities is a critical part of your cybersecurity program.

Make sure it includes your IoT devices, including those seemingly safe security cameras.

When you’ve done that, don’t forget to smile…a little peace of mind goes a long way!

Stay Safe,

Your Friends @ Defendify

Resources & insights

Why You Could Be Denied Cyberattack Insurance Coverage
Blog
Why You Could Be Denied Cyberattack Insurance Coverage
As you’re working toward achieving robust cybersecurity, the subject of cyber attack insurance coverage and cybersecurity insurance requirements is sure to enter the discussion.
Cost of a Cyberattack vs. Cybersecurity Investment
Blog
Cost of a Cyberattack vs. Cybersecurity Investment 
Detailing the cost of a cyberattack versus the ROI of a cybersecurity investment enables leadership to see cybersecurity solutions are worth it.
Defendify Listed as a High Performer in Six G2 Grid Categories
Blog
Defendify Listed as a High Performer in Six G2 Grid Categories
The Defendify Cybersecurity Platform has been listed as a High Performer in six Summer 2022 Data Security Software Category Reports on the technology review site G2.

Protect and defend with multiple layers of cybersecurity

Defend your business with All-In-One Cybersecurity®.

Explore layered
security

Learn more about Defendify’s three key layers and All-In-One Cybersecurity®.

How can we help?

Schedule time to talk to a cybersecurity expert to discuss your needs.

See how it works

See how Defendify’s platform, modules, and expertise work to improve security posture.

Take the first step toward comprehensive cybersecurity with a free Defendify Essentials package

Gain access to 3 award-winning cybersecurity modules. Nothing to install. Nothing to pay for.