Article
Network Security

Genetec’s Paul Dodds Talks Protecting IoT from Cyber Attacks

By Kristian McCann
June 09, 2024
undefined mins
Share
CCTV and IoT devices account for just 1.2% of all devices, but receive 24% of malicious activity
Genetec’s Paul Dodds talks about the threat IoT and CCTV devices face from hacks, and how organisations can help protect them

Video surveillance cameras and other Internet of Things (IoT) devices are increasingly becoming targets for cybercriminals looking to gain unauthorised access to networks and sensitive data.

While these physical security tools are designed to enhance safety and security, their immaterial properties contain vulnerabilities that can be exploited by hackers.

In an interview with Cyber Magazine, Paul Dodds, Country Manager at Genetec UK & Ireland, shed light on the growing threat posed by unsecured video surveillance cameras and IoT devices. 

Paul Dodd, Country Manager UK & Ireland at Genetec

Hardware meet software

Dodds emphasised the importance of robust cybersecurity measures and collaboration between physical security and IT teams to address this critical blind spot.

These devices, are essentially, small computers running software that may contain cybersecurity vulnerabilities. 

"It's because they're not always as well managed or protected as other technologies that they so often pique the interest of hackers," Dodds states. "Companies must have strong cyber defences in place to manage these devices or they could be opening themselves up to all manner of threats."

Without proper management, these devices can become weak links in a company's security infrastructure, potentially leading to data exfiltration or unauthorised access to facilities.

Hackers handbook for attacks

Youtube Placeholder

Hackers often seek the lowest cost opportunity with the greatest chance of success. 

Dodds points out that certain breaches, like the one Verkada suffered in 2021, underscore how simple it can be to exploit improperly configured devices. "In this particular case, hackers gained unauthorised access to the company's systems using publicly available administrative credentials, which were likely weak or reused passwords," notes Dodds.

This example illustrates the critical need for strong password policies and proper configuration of security devices. Weak or reused passwords can provide an easy entry point for hackers, leading to significant security breaches.

Addressing the CCTV blind spot

Despite video surveillance cameras and other IoT devices accounting for just 1.2% of all devices, they are responsible for 24% of malicious activity. 

Dodds emphasises the need for collaboration between IT security teams and physical security functions. 

"To counter the threat, physical security professionals must proactively partner with their counterparts in information security to better understand the true limits of the security perimeter and work to develop strong governance and processes to avoid or mitigate cyberattacks," Dodds advises.

This collaboration is crucial for a comprehensive security posture. IT teams should also be wary of high-risk security camera vendors, particularly those subject to restrictions in the USA but widely deployed in Europe. Dodds suggests treating these vendors "like digital asbestos" and having a plan to address their presence in the business.

Key steps to securing 

There is no single solution to securing video surveillance cameras and other IoT devices, but several controls can be implemented.

Dodds recommends ensuring cameras are running on the latest firmware and that security updates are regularly applied. 

"This is a rudimentary aspect of good cyber hygiene," Dodds states.

Regular updates and firmware management are fundamental to maintaining the security of these devices. By keeping software up to date, companies can protect against known vulnerabilities and reduce the risk of cyberattacks.

The security of video surveillance cameras and other IoT devices is a critical aspect of a company's overall cybersecurity strategy. 

By understanding the vulnerabilities, methods of attack, and necessary protective measures, businesses can better safeguard their assets and data. 

As Dodds highlights, a proactive and collaborative approach between physical and information security teams is essential for mitigating the risks associated with these devices.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

IoTGenetecDevice security
Share
Latest

Digital Magazine

Read Now
Read the latest Digital Magazine today!

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security