SecurityWorldMarket

10/03/2017

IoT creates huge security challenges

Stockholm, Sweden

Lennart Alexandrie, Editor in Chief, Detektor Magazine

It is quite obvious to most people that we live in a time where the overall technology trend is the Internet of Things. More and more electronic devices are connected to the internet and provide major cost and efficiency benefits. But what about the safety of these devices? How do we know that they do not cause network attacks, virus attacks or allow opportunities for outsiders to take control? Security devices are no exception when it comes to these risks.

A camera that is being hacked can be used both for network attacks as well as unauthorised monitoring or completely shutting down the video surveillance. So far, it has been relatively quiet regarding this topic, except for some accusations of lack of security in some Chinese camera manufacturers’ products. What is the main reason why cameras can easily be hacked? Like everything else, it is often actual operation that is the biggest problem; for example, passwords are often too simple and passwords are not changed. But also, the password procedure itself is a risk. Biometrics and ID solutions will most likely replace typed passwords in the future. Just take a look at how many banks have solved the problem in their network-based payment solutions. Two-factor authentication or multi-factor authentication will certainly also be used for security devices.

In the latest issue of the Detektor magazine (01/2017), we place the focus on the problem of securing data in video surveillance applications. The starting point is the big international buzz raised last autumn, namely the accusations made against the world’s largest manufacturer of video surveillance equipment – Hikvision.

The IPVM online forum and its charismatic editor, John Honowich, have been engaged in something that might be described as a hunt for Hikvision for a long time. Dumping prices has been a theme, but recently most attention has been put on Hikvision products being a cyber risk. The rhetoric has been fierce and merciless. Hikvision is accused not only of a lack of IT security, but potentially also of granting the Chinese government access to Hikvision cameras. An article in the British newspaper The Times also supported these arguments.

The attention on Hikvision increased even more when the VMS software manufacturer Genetec decided to disfavour Hikvision cameras by making new customers using Hikvision devices pay a special license fee, and making current customers sign a waiver so that Genetec cannot be held responsible if network problems occur because of Hikvision devices. Genetec’s CEO has given an exclusive interview to Detektor on why these measures have been taken. Also, Keen Yao, VP of Hikvision’s International Business Centre, responds to both the accusations and insinuations and gives his view on the matter.

Even if the accusations rest heavily on hypotheses or on information from unconfirmed sources and are not necessarily true, they should be seen as an awakening for the physical security industry. Cyber security is often a neglected area. Here, the physical security industry – including all levels of the security camera supply chain, must take responsibility. “A surveillance system can consist of hundreds of cameras and if one camera fails in security, you may lose the whole surveillance solution”, says IT security expert Mikael Simovits, who gives his view on data security and video surveillance in this issue. He is anything but impressed about the data protection in today’s IP cameras. He considers them very easy to hack and calls for a much higher level of security.

Cyber security, as well as the development of IoT – are something that will characterise many of this year’s upcoming editions of Detektor. There is a great need for information, which we intend to fill, focusing in on security applications.

It seems 2017 is already proving to be an interesting year for the security industry.


Business News

Photo courtesy of University of Nottingham

University takes initiative in pilot biometrics scheme

in September the University of Nottingham will launch a pilot, using fingerprint technology for student registration at compulsory lectures and exams – 40 fingerprint units and 15 USB enrollment readers will be installed. The fingerprint identification readers are developed by TBS and are fully integrated with Nedap’s AEOS, the university’s current physical access control system. Hunter Communications Services is responsible for the implementation.

Business News

Cyber security vulnerability check list advises on best practice

Farpointe Data has just posted the first radio frequency identification(RFID) Cybersecurity Vulnerability Checklist for access control manufacturers, distributors, integrators and end users to use to protect their access control systems from becoming hacker gateways to their facilities and IT systems. Knowing what to do is especially important now that government agencies, such as the United States Federal Trade Commission, have begun filing lawsuits against businesses that do not provide good cybersecurity practices.

Business News

IoT Security Market worth $29.02 billion by 2022

According to a new market research report on the Internet of Things (IoT) Security Market to 2022, the market is expected to grow from USD 6.62 billion in 2017 to USD 29.02 billion by 2022. The report from Marketsandmarkets covers major IoT security types, such as network security, endpoint security, application security, cloud security, and others. Increasing ransom ware attacks on IoT systems, securing ubiquitous environment, and increasing need for data centric security are the major drivers for the growth of IoT security market.

Product Suppliers
Back to top