Article
Network Security

Genetec’s Paul Dodds Talks Protecting IoT from Cyber Attacks

By Kristian McCann
June 09, 2024
undefined mins
CCTV and IoT devices account for just 1.2% of all devices, but receive 24% of malicious activity
Genetec’s Paul Dodds talks about the threat IoT and CCTV devices face from hacks, and how organisations can help protect them

Video surveillance cameras and other Internet of Things (IoT) devices are increasingly becoming targets for cybercriminals looking to gain unauthorised access to networks and sensitive data.

While these physical security tools are designed to enhance safety and security, their immaterial properties contain vulnerabilities that can be exploited by hackers.

In an interview with Cyber Magazine, Paul Dodds, Country Manager at Genetec UK & Ireland, shed light on the growing threat posed by unsecured video surveillance cameras and IoT devices. 

Paul Dodd, Country Manager UK & Ireland at Genetec

Hardware meet software

Dodds emphasised the importance of robust cybersecurity measures and collaboration between physical security and IT teams to address this critical blind spot.

These devices, are essentially, small computers running software that may contain cybersecurity vulnerabilities. 

"It's because they're not always as well managed or protected as other technologies that they so often pique the interest of hackers," Dodds states. "Companies must have strong cyber defences in place to manage these devices or they could be opening themselves up to all manner of threats."

Without proper management, these devices can become weak links in a company's security infrastructure, potentially leading to data exfiltration or unauthorised access to facilities.

Hackers handbook for attacks

Youtube Placeholder

Hackers often seek the lowest cost opportunity with the greatest chance of success. 

Dodds points out that certain breaches, like the one Verkada suffered in 2021, underscore how simple it can be to exploit improperly configured devices. "In this particular case, hackers gained unauthorised access to the company's systems using publicly available administrative credentials, which were likely weak or reused passwords," notes Dodds.

This example illustrates the critical need for strong password policies and proper configuration of security devices. Weak or reused passwords can provide an easy entry point for hackers, leading to significant security breaches.

Addressing the CCTV blind spot

Despite video surveillance cameras and other IoT devices accounting for just 1.2% of all devices, they are responsible for 24% of malicious activity. 

Dodds emphasises the need for collaboration between IT security teams and physical security functions. 

"To counter the threat, physical security professionals must proactively partner with their counterparts in information security to better understand the true limits of the security perimeter and work to develop strong governance and processes to avoid or mitigate cyberattacks," Dodds advises.

This collaboration is crucial for a comprehensive security posture. IT teams should also be wary of high-risk security camera vendors, particularly those subject to restrictions in the USA but widely deployed in Europe. Dodds suggests treating these vendors "like digital asbestos" and having a plan to address their presence in the business.

Key steps to securing 

There is no single solution to securing video surveillance cameras and other IoT devices, but several controls can be implemented.

Dodds recommends ensuring cameras are running on the latest firmware and that security updates are regularly applied. 

"This is a rudimentary aspect of good cyber hygiene," Dodds states.

Regular updates and firmware management are fundamental to maintaining the security of these devices. By keeping software up to date, companies can protect against known vulnerabilities and reduce the risk of cyberattacks.

The security of video surveillance cameras and other IoT devices is a critical aspect of a company's overall cybersecurity strategy. 

By understanding the vulnerabilities, methods of attack, and necessary protective measures, businesses can better safeguard their assets and data. 

As Dodds highlights, a proactive and collaborative approach between physical and information security teams is essential for mitigating the risks associated with these devices.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

IoTGenetecDevice security
Share
Share
Author
Kristian McCann

Featured Articles

Microsoft Giving Cybersecurity Boost to Rural US Hospitals

Microsoft is giving rural hospitals a hand to help them get their cybersecurity up to snuff to keep them running amid the rising attacks on healthcare

Outpost24 Webinar to Show How CTEM Can Enhance Cybersecurity

Outpost24's webinar will provide actionable insights for attendees looking to implement Continuous Threat Exposure Management into their security strategy

Why Cato Networks' MSASE Gives Channel Partners Vendor Power

SASE has become a critical component for enterprises, driven by increasingly complex network environments, but it has its its own issues to content with

ManageEngine’s Arun Kumar Talks the Threat of Mobile Malware

Hacking & Malware

SpiceRAT: Cisco Talos Sound Alarm Over New Trojan

Hacking & Malware

CrowdStrike & HPE: Unifying IT and Security for Secure AI

Technology & AI