Surveillance security and your cyber wall: working with OT & IT to mitigate risk
Every time technology evolves as a force for good, you can bet that the flipside is evolving just as quickly.
October 5, 2020
Hackers (known in the industry as “bad actors”) are using advanced tools, and getting better and better at “cracking the code”. There is an overwhelming amount of evidence that bad actors, as well-funded as any legitimate business, are using artificial intelligence (AI), machine learning (ML) and deep learning (DL) to improve the sophistication of their attacks.
While any facility can be at risk, critical infrastructure (CI), like nuclear power plants or government facilities, is frequently targeted. The risk is compounded by our growing reliance on virtual connectivity. The larger the tech components, the greater the risk for vulnerabilities. The current pandemic has also created the perfect storm for bad actors, as there has been a spike in cyber-attacks, especially in the healthcare industry.
Most commonly, the attacks are to extort money. For example, hackers penetrate the company networks, deploy ransomware and demand to be paid in bitcoin.
Operations technology and information technology must work as a team
Bad actors are uncovering new ways to compromise your IoT (internet of things) devices. When you have an internet protocol (IP) end point—like an IP surveillance camera, speaker/audio system, radar or access control unit—and you’re running on an unsecured network, guess what? You’re susceptible to cyberattack.
For example, unsecured network surveillance cameras could expose the whole system to risks like distributed denial of service (DDoS) and ransomware, social engineering, phishing and man-in-the-middle (MitM), to name just a few. Then there’s also data theft, such as your security video footage or compromised user accounts.
A bad actor’s goal is to access and control anything connected to your network. There have even been cases of smart lightbulbs used as an entry point for DDoS attacks, which is when a machine and/or network resource is made unavailable by disrupting its internet connection.
Should a bad actor successfully gain access to the machinery within a power station, oil refinery or hospital, the ensuing damage could be catastrophic. This is why your IT department (which manages the flow of digital information) and OT department (which manages the operation of physical processes, machinery and assets) must be aligned to strengthen your overall defence against these cyber risks.
Effectively protect your IoT devices: life cycle management
Because every network device can, potentially, become a breach point, it is crucial that your physical assets be managed well enough to meet the evolving cybersecurity challenges of your digital assets. The often-overlooked way to accomplish this is life cycle management, which basically means managing a device’s two lives. The first, and longer, is the device’s functional life, i.e. how long you can realistically expect it to operate and function. The second is the device’s economic life, i.e. how long until the device starts costing more to maintain than it would cost to adopt new, better technology.
Following life cycle management best practices—like knowing where the risks are, and keeping current on how they could be exploited—helps ensure your systems stay secure. Unpatched technology leaves networks vulnerable to cyberattack, and virtually all software-based technology (like network cameras) will need to be patched at some point. This is why responsible manufacturers regularly release firmware updates and security patches.
Having a life cycle management program also helps you to avoid unwelcome surprises (e.g. suddenly needing to replace a major system component) because you can plan a systematic replacement schedule and budget for each year.
Software solutions make life cycle management easier
Since many smart buildings have hundreds of networked devices, automating life cycle management through device management software solutions can save both time and money. They can assemble a full real-time inventory of all your networked surveillance devices, making it easier to implement consistent policies and practices across all your devices and securely manage all major installation, deployment, configuration, security, and maintenance tasks.
For example, when you receive notice of expiring security certificates, the device management software can automatically push new certificates to the appropriate devices. In the case of firmware upgrades, the software automatically verifies that the devices are running the latest and most secure version. Whenever a vulnerability is announced, your device management software spells out exactly where you stand on the cybersecurity front, and what steps need to be taken to protect your technology, saving you both time and stress.
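The checks described above (expiring certificates, firmware currency, planned replacement) can be sketched as a small audit over a device inventory. This is an added example, not code from the article or from any device management product; the device names, models, versions and dates are constructed for illustration.

```python
from datetime import date

# Constructed sample inventory; models, versions and dates are illustrative only.
LATEST_FIRMWARE = {"cam-a": "10.12.3", "speaker-b": "2.4.0"}
INVENTORY = [
    {"id": "lobby-cam-1", "model": "cam-a", "firmware": "10.12.3",
     "cert_expires": date(2021, 6, 1), "replace_by": date(2026, 1, 1)},
    {"id": "dock-cam-2", "model": "cam-a", "firmware": "10.9.14",
     "cert_expires": date(2020, 10, 20), "replace_by": date(2023, 1, 1)},
    {"id": "gate-speaker", "model": "speaker-b", "firmware": "2.4.0",
     "cert_expires": date(2020, 9, 30), "replace_by": date(2020, 8, 1)},
    {"id": "old-radar", "model": "radar-c", "firmware": "1.0.0",
     "cert_expires": date(2022, 1, 1), "replace_by": date(2027, 1, 1)},
]

def parse_version(text):
    """Compare versions numerically so that 10.9.14 sorts below 10.12.3."""
    return tuple(int(part) for part in text.split("."))

def audit_device(device, today, renew_days=30):
    """Return the list of life cycle findings for one device."""
    findings = []
    days_left = (device["cert_expires"] - today).days
    if days_left < 0:
        findings.append("certificate expired")
    elif days_left <= renew_days:
        findings.append(f"certificate expires in {days_left} days")
    latest = LATEST_FIRMWARE.get(device["model"])
    if latest is None:
        # A device with no known baseline cannot be verified as patched.
        findings.append("no firmware baseline for model")
    elif parse_version(device["firmware"]) < parse_version(latest):
        findings.append(f"firmware {device['firmware']} behind {latest}")
    if device["replace_by"] <= today:
        findings.append("past planned replacement date")
    return findings

def audit_inventory(inventory, today):
    """Map device id -> findings, listing only devices that need action."""
    report = {}
    for device in inventory:
        findings = audit_device(device, today)
        if findings:
            report[device["id"]] = findings
    return report

if __name__ == "__main__":
    for device_id, findings in audit_inventory(INVENTORY, date(2020, 10, 5)).items():
        print(device_id, "->", "; ".join(findings))
```

Devices whose model has no firmware baseline are reported rather than skipped, since an unknown device is exactly the kind the inventory is meant to surface.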
Your OT & IT security checklist
Hardening a facility takes communication and collaboration between all stakeholders. To help start the conversation and the process, I recommend the following OT and IT principles to protect assets and resources:
• Perform a risk assessment of potential threats and the possible costs/damages to your system were it to be attacked.
• Understand system protection and possible threats by working closely with resellers, system integrators, consultants and product vendors.
• Secure the network(s) from breaches to sensitive information and attacks on servers and network devices.
• Use strong, unique passwords, and change them frequently.
• Do not rely on a network device’s factory default security settings.
• Use encrypted connections, even on local networks. If you have an old legacy system that cannot be encrypted, compare the cost of upgrading to the cost of not doing anything.
• Reduce exposure to video by not allowing clients direct access to cameras unless required by the system/solution. Clients should only access video through a video management system or a media proxy.
• Check access logs on a regular basis to identify attempts at unauthorized access.
• Monitor all devices on a regular basis. Enable system notifications where applicable and supported.
• Implement device life cycle management to prevent your networked devices from becoming a security breach point.
Futureproofing takes full OT and IT co-operation
When security surveillance and IT work together rather than independently, your systems are better protected, scalable and pliable, with an increased ability to customize them to your building’s evolving needs and uses. Full OT and IT co-operation ensures end-to-end cybersecurity of all interconnected devices and systems, and better functionality from all IoT devices. Creating and protecting smart building systems can only truly be accomplished by working together.
Gavin Daly manages the Professional Service Group (PSG) at Axis Communications Inc., providing technical expertise and personalized advice for both internal and external customers. He can be reached at firstname.lastname@example.org or 978-614-2192.