In today’s world, it is not too difficult to imagine a coordinated attack on a transportation network or nuclear power facility, staged on multiple fronts to confuse defenses and thwart countermeasures. Video surveillance systems in mission-critical installations are one of the key defenses against such an attack and are designed specifically to deter, detect, and thwart terrorist or criminal threats. Surveillance video also serves to protect more mundane businesses from ordinary crimes. However, a clever and meticulously planned attack could conceivably neutralize the video surveillance system and eliminate the possibility of detection or forensic investigation via video. While digital, networked video technologies are rapidly enabling powerful and scalable surveillance applications, these same technologies also introduce additional security risks into systems.
The increasing popularity of networked video makes it an attractive target for hackers, yet the security integrators and consultants responsible for designing and installing these systems rarely possess the IT security expertise necessary for building secure systems. To ensure that digital networked video is secure, the company must attend to the security of the network itself as well as to the associated applications.
The primary security concern of any networked video surveillance system is the security of the network itself. Not only does the network need to be designed with common network security principles and products in mind but also the surveillance applications connected to the network need to be secured like any other node.
For example, most digital video recorders (DVRs) and network video recorders (NVRs) in surveillance applications are simply Microsoft Windows PCs in a different form.
While companies typically require that any Windows PC on a network run antivirus and antimalware software to protect the PC and the rest of the network, few, if any, companies realize that DVRs and NVRs, which are PCs, should be similarly protected.
A virus does not need to specifically target surveillance applications to have an impact on these systems. For example, the SQL Slammer Worm that wreaked havoc around the Internet in 2003 targeted a vulnerability discovered in Microsoft’s SQL Server. Many NVR applications rely on SQL Server database software and could have been impacted, although no known cases were reported.
Another type of network security threat of concern to surveillance systems is vulnerability to denial of service (DoS) attacks. In such attacks, access to a service is denied to legitimate users because of a barrage of data being sent to a part of the system. The most common problems seen during a denial of service attack are that the network traffic slows down or a Web application becomes inaccessible.
A DoS attack could cause a company to lose access to video from many of the cameras on the security network. The company would also likely lose any recording of the video during the attack.