How CCTV Systems Can Be Vulnerable If Not Protected

There is no denying that CCTV systems, both traditional OVR-based and cloud-based systems, serve as the first line of security in nearly all public and private organizations today. As a matter of fact, it’s for this reason that many people fail to see the need of giving these invaluable security devices the security protection that they deserve. CCTV should keep people safe and not the other way round, right? Well, that argument would be misleading because with the increased rate of cybercrimes and terrorism, no organization is truly safe if its data collection and/or storage devices are vulnerable to infiltration. CCTV systems collect and store more data than Google and Bing combined which means that they top the list of criminals’ target devices.

 

Rumors of some counterfeit CCTV equipment having pre-installed malicious software surfaced about two years ago in the US. In 2017, stakeholders in the global CCTV manufacturing industry started raising concerns that criminals had found ways of accessing a device’s IP address which they would then use to access an organization’s security feeds from a remote location. This conversation has since picked momentum as cases of visual surveillance data theft increased exponentially towards the end of 2017 and into 2018.

 

Vulnerability of CCTV Systems in Public Schools

 

Among the organizations that seem to have neglected their surveillance cameras most are our public schools. At least four British schools and several others from Canada recently fell victim of this negligence, with footages from their CCTV cameras doing rounds on the internet late last year and early this year Government investigators working on these cases have since revealed that most public schools are either using outdated surveillance systems, easy-to-bypass passwords, or systems without any firewall protection. This is a serious security breach which could cause unimaginable damages, particularly because all the affected schools had at least a thousand pupils by the time their security feeds were stolen. But how exactly did this happen?

 

CCTV Hacks in UK-Based Schools

 

In January 2018, an American-registered website hacked CCTV systems in some UK-based schools and posted images videos of unsuspecting pupils and teachers online. The website spied on kids at Christ The King Academy Primary School through cameras that were at that time installed near classrooms and at the school’s main entrance. Parents in the school were left speechless after realizing how unsafe the surveillance cameras had made the
institution to be and blamed the administration for not taking their kids’ safety seriously.

 

Another school that the malicious spies had gained access into was Christ The King Academy Primary School’s neighbor, St Mary’s Catholic Academy in Blackpool. The school which boasts of a pupils’ population of about 1,188 kids has cameras at every turn, including inside the toilets, but had not password-protected them prior to the January attack. Still in Blackpool, the criminals went to the extent of streaming live all the activities in and around Highfield Leadership Academy. This was one of the biggest security breaches in the history of Britain’s modern education system.

 

CCTV Hacks in Canadian Schools

 

In October last year was the turn of Cape Breton School’s privacy to be infringed by cybercriminals. Video surveillance images from different parts of the school were streamed by a Russian-registered website for days without the knowledge of the school’s administration. According to Nova Scotia’s privacy Commissioner Catherine Tully’s report, the school’s reluctance to advance technologically left it exposed to hacks. This was even as the Cape Breton-Victoria Regional School Board (CBVRSB) denied that schools within its jurisdiction were negligent in regards to student’s security. Beth Maclsaac, the board’s superintendent, argued that even though the damage was already done, the school boards had embarked on a mission to secure school cameras with passwords.

 

Conclusion

 

As the debate of whether or not schools should secure their surveillance cameras, one fact takes precedence, CCTVs are, unbelievably, making school environment more insecure than they are making it safe for kids. Schools all over the world need to come up with ways of protecting their data in the same way that big companies are doing, failure to which the cases of visual data theft will erode the confidence that parents have in them. As for the parents, it is time that they took matters on their own hands and demanded that any CCTV camera that’s not supported by the manufacturer in regards to regular updates be replaced. Privacy trainings should also be made mandatory for all school heads. These are some of the ways through which our kids will be protected from the malicious cybercriminals and terrorists.

IT Security Concerns In 2018

Some of the biggest cyber breaches in recent history occurred in 2017, and data belonging to thousands of businesses and millions of consumers were hacked. The major cyber-attacks in 2017 include the WannaCry ransomware infection, and the stealing of personal data from Equifax, Chipotle, Forever 21, and different social media sites. Experts have projected that by the end of 2017, spending on information security would have reached $864 billion. The 2017 Cyber-crime report projected that by 2021, damages from cyber-crime would cost the global economy $6 trillion per year.

The increase in the prevalence rate of cyber-crime is expected to continue through 2018, and businesses and individuals need to protect themselves from falling victim. This article examines IT security in 2018, and the five major security issues.

 

  1. Hackers-As-Service

The most popular conception of hackers is lone individuals working in a dingy place for personal gain. This has changed because cyber-crime is turning into black market services provided to businesses, countries and individuals with the aim of harming or embarrassing the victims or rivals.

The provision of data breach services could lead to the emergence of new sophisticated malware, Trojan and phishing programs in IT security in 2018, as hackers advance their communication and coordination techniques. The provision of cyber-attack services in the black market could also see budding hackers purchase malware programs that enable them to carry out cyber-attacks without technical knowledge.

 

  1. An Increase in the Prevalence Rate of Crypto-Jacking

As 2017 ended, there was an increase in cryptocurrency related crimes, and this trend is expected to continue into 2018, encouraged by the appreciating value of cryptocurrencies. Experts have noted that it is difficult to differentiate a normal internet user and a cyber-criminal whenever it comes to cryptocurrencies. An individual could be mining cryptocurrencies for his/her own wallet from visitors to his/her website. The same individual may engage in crypt jacking and it would be difficult to tell. For example, cases of individuals holding vast amounts of a specific cryptocurrency, and manipulating the market for their own benefit have been reported, and the trend is expected to continue through 2018.

 

  1. Ransomware In Cloud Computing

In 2017, a number of ransomware attacks were reported, with the most notable ones including the attack against Britain’s National Health Service, the breach against light-rail network in San Francisco, and attacks against major corporations such as FedEx. Ransomware is a type of malware that compromises defense and shuts down computer files using advanced encryption. Hackers using ransomware demand money in exchange of the digital keys to unlock the computer.

 

Criminal hackers like to use ransomware, and then demand payment in cryptocurrencies that are difficult to trace. Experts project that in 2018, the most preferred target for ransomware attack will be businesses in cloud computing. Big corporations have already hired the best minds in digital security to prevent any attacks. However, smaller companies are likely to fall victims to criminal attackers using ransomware.

 

  1. Internet of Things (loT) will Create More Risks

 

Businesses are increasingly adopting loT devices, but most of the devices lack a secure design that ensures IT security in 2018. Organization need to know the risk associated with using loT devices because loT ecosystems will face more security threats in 2018. The major security threats loT devices face include:

 

  • Lack of transparency on how the data captured by loT devices is used The manufacturers have access to the data captured using loT devices, and could use the data in ways not approved by customers.

 

  • Businesses face the risk of litigation if data is stolen from their loT devices.

 

  • Industrial attacks could quickly result in physical damage and loss of life, if the hacked loT devices were used to
    control industrial processes and machinery.

 

  • Manufactures launch new loT devices regularly and this means that the older versions are ignored in terms of upgrade and firmware, and this exposes them to new security risks.

 

  1. Hackers Will Target Security Software

Cyber-criminals will focus more on compromising security software in 2018. Security software are trusted programs, and by targeting security software, hackers will have the ability to control devices and manipulate other users. As attacks through security software are reported, public trust in the software, especially antivirus solutions will deteriorate.

 

SOURCES:

Justin Dolly. (Dec 2017). Top 5 cybersecurity concerns for 2018. https://www.csoonline.com/article/3241766

Thor Olaysrud. (Nov 2017). 5 information security threats that will dominate 2018. https://www.cio.com/article/3237784/security/5-information-security-threats-that-will-dominate-2018.html

Ben Canner. (Dec 2017). 5 Major Cybersecurity Threats 01 2018. https://solutionsreview.com/security-information-event-management/1107-2/

Martin Giles. (January 2018). Six Cyber Security Threats to Worry About in 2018. https://www.technologyreview.com/s/609641