Network Security. It’s enough to make you WannaCry

The recent Petya (also being called exPetya) and WannaCry ransomware attacks worldwide serve as a stark reminder of the importance of network security and the havoc that cyberattacks can wreak.

WannaCry was estimated to have impacted 300,000 computers across 150 countries in May 2017, one of the consequences of which was bringing the NHS in the United Kingdom to a standstill, resulting in patients being turned away from Emergency Departments and operations being cancelled.

Final figures have are still being confirmed regarding the number of machines affected by Petya, with computer systems in the Ukraine sustaining the majority of hits initially, including the country’s central bank, main international airport, and even the Chernobyl nuclear facility. As it took hold internationally, Australia was also affected. Qantas flights were in disarray after a systems failure of bookings provider Amadeus, and both courier service TNT and the Hobart Cadbury facility were brought to a standstill. It does not require much imagination to see how potentially catastrophic disruption to mission-critical systems, such as some of those mentioned above, could be.

These incidents occurred against the backdrop of an almost exponential increase in cybercrime. To give some perspective, according to SonicWall there were 638 million ransomware attack attempts in 2016, more than 167 times the number in 2015. This is compared to 3.8 million in 2015 and 3.2 million in 2014. Ransomware represents just one aspect of this growing trend.

The growth of smart network devices means that people, buildings, industries, and cities are becoming increasingly connected, providing a huge surface area vulnerable to incursions. The size of the human attack surface alone is staggering; with Microsoft estimating that by 2020 as many as 4 billion people will be online. One aspect of this, also known as Social Engineering (the manipulation of people), is a growth area and provides a strikingly easy way to leverage access into closed systems – how security aware are your employees? Do they understand your security policies?

As the IoT (Internet of Things) takes hold, malicious exploitations of vulnerabilities look set to soar. In a recent survey by Cisco, 73% of business decision makers said they expect the IoT to cause security threats to increase in severity over the next two years. More worrying, 78% of IT security professionals are either unsure about their capabilities or believe they lack the visibility and management required to secure new kinds of network connected devices. Still, think that wristband exercise tracker is a great idea? Think again and consider how valuable the data you are providing to the cloud is first.

For the CCTV sector, which along with much of physical security once operated as a rather closed system, is now particularly vulnerable. With IP cameras increasingly being integrated into larger systems, a two-way exposure to risk has been created. Cameras could become infected by malware via the larger network, and equally a network breach via a camera could lead to a much bigger organisation-wide attack. As a result, installers and end-users need to be more vigilant than ever.

In Australia, the RedFlex speed and red light camera network in Victoria was hit by WannaCry, resulting in the cancellation of 8,000 fines issued in Victoria between June 6 and June 22 2017. This occurred after a contractor plugged an infected USB stick into the cameras whilst performing routine maintenance. Earlier this year, public CCTV cameras installed by Moreton Bay Council in Queensland were also compromised, highlighting the risk such breaches could pose to smart cities.

We spoke to two leading camera manufacturers, Mobotix and Hikvision, who exhibit at the Security & Exhibition Conference, taking place from 26 to 28 July 2017, and asked them how they manage the challenges of operating in a rapidly growing hostile environment.

In the light of recent ransomware attacks which have been in the news (WannaCry and Petya), consumers are understandably concerned about the security of network devices. Can IP cameras be secured against network breaches? And what sort of strategies do you have in place to mitigate attack?

Brendan White, Business Development Manager (Australia and New Zealand) from MOBOTIX AG

Many people are unaware of the risks surrounding connecting devices on a network. When you open a ‘port’ from an IP camera to the network, you are essentially opening a 2-way door. If this door is not correctly secured, others can snoop inside, exposing the network and its devices to malicious attacks. Unauthorised access and backdooring of network devices is the greatest vulnerability against which network devices must be secured.

There are steps manufacturers can take to ensure their products are as secure as possible but it is also vital that installers are vigilant about following manufacturer instructions, adhering to protocols and carrying out software updates as soon as they become available. They should also be familiar with network security best practices such as IP address filtering, disabling web crawling, only using HTTPS and disabling HTTP, and using intrusion detection.

MOBOTIX are able to carry out all of the above, plus they also feature extra-long (up to 99 character) SHA-513 passwords (which can only be reset by returning to the factory), prohibit execution of external scripts, protect against brute-force attacks, use individually assigned port numbers to prevent port scanning, allow exclusive IP address definition and 128 bit encryption, and any recordings made by a MOBOTIX camera can be certified via X.509 Certificate Signing.

Daniel Huang, Managing Director of Hikvision Oceania

As a world-leading provider of video surveillance products and solutions, Hangzhou Hikvision Digital Technology Co., Ltd. (“Hikvision”) is continually investing in the development of innovative video surveillance technologies. In today’s challenging environment, cybersecurity risks are ever-present with the potential for data and network breaches. Ensuring the highest possible levels of cybersecurity is a top priority for Hikvision and we are proud of our industry-leading cybersecurity practices.

Hikvision is dedicated to enhancing and optimising cybersecurity within the development, manufacturing, delivery, and servicing of our video surveillance products. The company complies with all applicable national and regional cybersecurity regulations and follows the best industry practices. Hikvision’s information security management system has been certified with ISO27001. The Hikvision Network and Information Security Lab utilises the world’s leading known-vulnerability scanning tools and unknown-vulnerability discovery tools to verify and ensure that our products meet the industry cybersecurity standards and regulations.

The Hikvision Security Response Centre (HSRC) receives, disposes of and reports any and all security-related vulnerabilities with a professional security emergency response mechanism. We continue to take steps to improve our products, including having them tested by leading third-party cybersecurity firms to minimise any potential security risks.

Conclusion

Considering that the security of your devices is a crucial aspect of your business, engaging professional services to audit or penetration test your network is an essential part of operations in these times. Knowing where your vulnerability lies will enable you to further safeguard your data and business. With no room for complacency, you must be vigilant with regards to ensuring you have a robust network security in place at all times, follow best practices and make sure you install software updates promptly.

Implementing accurate reporting systems, maintaining links with industry security specialists and Government organisations such as CERT (AUSCERT in Australia) are all important and often overlooked aspects of maintaining a secure network. No matter the size of your organisation, network security should be a major focus.

All in all, CCTV technology is rapidly changing and emerging from the simple home IP camera to the largest government based networks. The IoT future is now – is your company primed to utilise and protect it?