IoT creates huge security challenges

Stockholm, Sweden

Lennart Alexandrie, Editor in Chief, Detektor Magazine

It is quite obvious to most people that we live in a time where the overall technology trend is the Internet of Things. More and more electronic devices are connected to the internet and provide major cost and efficiency benefits. But what about the safety of these devices? How do we know that they do not cause network attacks, virus attacks or allow opportunities for outsiders to take control? Security devices are no exception when it comes to these risks.

A camera that is being hacked can be used both for network attacks as well as unauthorised monitoring or completely shutting down the video surveillance. So far, it has been relatively quiet regarding this topic, except for some accusations of lack of security in some Chinese camera manufacturers’ products. What is the main reason why cameras can easily be hacked? Like everything else, it is often actual operation that is the biggest problem; for example, passwords are often too simple and passwords are not changed. But also, the password procedure itself is a risk. Biometrics and ID solutions will most likely replace typed passwords in the future. Just take a look at how many banks have solved the problem in their network-based payment solutions. Two-factor authentication or multi-factor authentication will certainly also be used for security devices.

In the latest issue of the Detektor magazine (01/2017), we place the focus on the problem of securing data in video surveillance applications. The starting point is the big international buzz raised last autumn, namely the accusations made against the world’s largest manufacturer of video surveillance equipment – Hikvision.

The IPVM online forum and its charismatic editor, John Honowich, have been engaged in something that might be described as a hunt for Hikvision for a long time. Dumping prices has been a theme, but recently most attention has been put on Hikvision products being a cyber risk. The rhetoric has been fierce and merciless. Hikvision is accused not only of a lack of IT security, but potentially also of granting the Chinese government access to Hikvision cameras. An article in the British newspaper The Times also supported these arguments.

The attention on Hikvision increased even more when the VMS software manufacturer Genetec decided to disfavour Hikvision cameras by making new customers using Hikvision devices pay a special license fee, and making current customers sign a waiver so that Genetec cannot be held responsible if network problems occur because of Hikvision devices. Genetec’s CEO has given an exclusive interview to Detektor on why these measures have been taken. Also, Keen Yao, VP of Hikvision’s International Business Centre, responds to both the accusations and insinuations and gives his view on the matter.

Even if the accusations rest heavily on hypotheses or on information from unconfirmed sources and are not necessarily true, they should be seen as an awakening for the physical security industry. Cyber security is often a neglected area. Here, the physical security industry – including all levels of the security camera supply chain, must take responsibility. “A surveillance system can consist of hundreds of cameras and if one camera fails in security, you may lose the whole surveillance solution”, says IT security expert Mikael Simovits, who gives his view on data security and video surveillance in this issue. He is anything but impressed about the data protection in today’s IP cameras. He considers them very easy to hack and calls for a much higher level of security.

Cyber security, as well as the development of IoT – are something that will characterise many of this year’s upcoming editions of Detektor. There is a great need for information, which we intend to fill, focusing in on security applications.

It seems 2017 is already proving to be an interesting year for the security industry.

Product News

Dahua Technology launches ePoE IP system

Dahua Technology Co., Ltd. is launching a system of extended Power over Ethernet (ePoE) devices including cameras, network switches and network recorders. Dahua ePoE IP system supports up to 800 metres between the ePoE camera and the ePoE network switch or ePoE NVR with an embedded switch. It overcomes the limitations of traditional Ethernet and POE (both restrict cable distances to around 100 metres (328 feet) between network ports) and eliminates the need for Ethernet extension devices or additional network switches.

Business News

Schema for Dahua facial recognition technology

The future is here - when surveillance meets AI

What will the world be like when surveillance meets AI (Analytics Intelligence)?

According to an IHS report from September 2016, security camera shipments continue to grow at 14.1% CAGR and are predicted to reach 190 million units in 2020, despite revenue growth having slowed to 8.1% CAGR. There are just too many cameras and video footage to be digested by human operators. Most security video footage is erased or over-written without being watched. Video Analytics (VA) Technology was once perceived as a solution to automate the utilisation of abundant video footage resources. By means of identifying and tagging the appearance of certain patterns in a video, the VA or AI system could perform search and run statistics on it.

Product Suppliers
Back to top