anti-virus software, and within network policies. This includes hardened passwords, restricted physical and network access, and disabling USB ports.
As for IP cameras and intrusion system devices, their operat- ing systems should be closed and run in limited memory space. There should be no capability to create files, and nothing should be able to be written to the device itself with the exception of digi- tally signed firmware. Devices that can run third-party apps can be weaponized and used as an attack platform against a network.
Password Use
User accounts and access to devices is one of the largest issues to- day. For example, many IP cameras are installed with the default user name and password. If installed on an accessible network, a connection can be established from anywhere in the world. De- vices should have a force password feature that also adheres to password policies.
User Access Rights
For remote access, users should be required to use a password to access system functionality. Apps or other means of remote com- mand and control should limit user access to only the features they are authorized to use at the system level. This ensures only authorized people have access to data.
Encryption and Authentication
To reduce the possibility of data being intercepted, viewed, and analyzed by packet sniffers, unencrypted communication chan- nels should be avoided. Systems should support encryption of data transmitted over the network and to the cloud using up to 256-bit AES Encryption. AES encryption that uses Cipher Block Chaining (CBC), which changes the key with each message, can also greatly reduce the possibility of decoding. Systems should also support certificates used in secure network scenarios, such as Public Key Infrastructure (PKI).
For end-to-end security of video systems, all network-wide communications between the cameras, recording devices and video management system should be assigned an authentication key. This ensures that an infrastructure of trust is built before network-wide communications start. Video devices should also include a built-in Trusted Platform Module to safely store crypto- graphic keys used for authentication and encryption. All crypto- graphic operations for authentication and encryption should only be executed inside the Trusted Platform Module.
For mission critical video applications, consider taking au- thentication a step further by using a system that supports the use of certificates as well as highly-secure identification and au- thentication through multi-factor smart card credentials.
For intrusion systems, end-to-end encryption is essential for remote programming data. Authentication of control panel com- munications is also important. The receiver at the monitoring center should perform authentication on all messages to prevent replay or substitution of the control panel. Replay of messages occurs when a network sniffer is used to record messages and at- tempt to play them back. Substitution occurs when a panel is re- placed by another panel. These tactics attempt to fool the receiver
that a panel is still online and working when there is actually a problem. Authentication can be done by using a key to verify each message that is received. The key should be changed with each message, including supervision, openings and closings, and alarm events.
Port Usage
Network and vulnerability scanners are designed to scan a spe- cific range of ports and the protocols associated with those ports. The more ports that are open on a system, the more opportunity there is to leverage a device or the services on that device. Ports that are not needed in a particular installation should be disabled.
Today, internet access to security devices, such as IP cameras and intrusion control panels, is desired for maintenance, updates and remote access, especially to cut costs. It is recommended to only use cloud connecting cameras and no port-forwarding con- figurations. Also, protocols such as Telnet should not be used. For cloud-ready control panels, ensure they are programmed with a unique cloud ID and PKI certificate that will allow a mutually authenticated Transport Layer Security (TLS) connection to the cloud services. These advanced cryptology standards help to pre- vent eavesdropping, substitution, and data tampering. The cloud should also be continuously monitored and updated to maintain the security of connected devices.
Prevention of Denial-of-Service
(DoS) Attacks
All computing systems have a finite set of resources, such as pro- cessing power and memory, to use, and this is especially true for embedded devices. A DoS attack can occur when a hacker opens multiple TCP sessions with a device, rendering it unable to receive additional messages. Consider ways to minimize the risk of a de- nial of service attack caused by a flood of network traffic.
For example, although a flood of network traffic will not cause a failure of a security control panel that prevents it from monitoring the physical security of the premises, very high lev- els of traffic may cause the loss of received packets. If the high volume of traffic is over an extended time, the loss of received packets could result in communication failures. To prevent this, connections with remote programming software should be au- thenticated. For monitoring center receivers, the receiver should only process data that is expected and in the proper format. If the account is not in the receiver’s account database or the data isn’t in the correct format, the receiver should not spend time process- ing and responding to the message.
The Highest Standards
Given today’s environment, where a single weak link is all it takes for a hacker to jeopardize an entire data system, it is imperative to protect all facets of a system. Make sure you are taking the proper precautions with the systems you are purchasing or in- stalling and understand how to achieve the highest standards in end-to-end data security.
Paul Garms and Sean Murphy are directors of regional marketing for Bosch Security and Safety Systems.
WWW.SECURITYTODAY.COM NS11