Is your CCTV vulnerable to a network attack?

Connecting CCTV systems to the Internet is very common these days, it gives the user the ability to view and control their CCTV systems remotely.

However, we have found that a high proportion of internet connected systems are vulnerable to attack, either pre-meditated, or using automated ‘bots’.

Such attacks can render a CCTV system useless by either corrupting or deleting the settings, deleting video recordings, or preventing access to the device (Denial of Service attack). They can also be used to cause damage to other devices that are connected to the CCTV system.

In this blog I will highlight some potential vulnerabilities, and give you 5 simple steps to reduce the chances of your CCTV systems being attacked.

Why are Internet connected CCTV systems attacked?

It is unlikely that a hacker or bot wants to attack your CCTV system at all, they are more likely looking for web servers or file servers that they can gain access to.

Unfortunately, modern IP connected CCTV systems often have web servers and file servers built into them which are used to configure the system using web pages, display video images, or download archived video footage.

So even though your CCTV system may not be a prime target for a bot, it can still do some serious damage to your system if they can gain access to it.

How are Internet connected CCTV systems vulnerable?

There are many reasons why a CCTV system may be vulnerable to an attack. The most common being:

  1. The device responds to Ping requests.
  2. It’s using common IP socket ports such as port 80 (HTTP), port 21 (FTP), and port 23 (Telnet), or the default ports.
  3. A low strength password is being used, or the password has not been changed from the manufacturer’s default.
  4. The system is open to connection from any source.
  5. There are vulnerabilities within the DVR software/firmware.

This isn’t an exhaustive list, but these are the most common reasons why internet connected CCTV systems are vulnerable.

How do I make my Internet connected CCTV systems less vulnerable?

In the first instance, it is worth addressing each of the points above to see if there are immediate issues which can be resolved:

  • Ensure the CCTV system does not respond to Ping requests – Ping is a method used to detect whether an IP device is connected online. If the DVR (or the router it is connected to) responds to Ping requests, it may alert potential attackers that a device  is available to attack. Turn off Ping response in the Router and DVR to prevent this from happening.
  • Change the IP port that is used to access the unit over the Internet –  If the DVR is using port 80, 21, or 23, see if these can be changed on the DVR itself. If that is not possible, change the router settings to use Port Forwarding, so that traffic on a specific incoming port number will be forwarded to the correct port of the DVR on the network. For example, you could forward any traffic on port 3080 to the DVR on port 80, so any external connection to the IP address on port 3080 will get through, but connections to port 80 will not. You can find out more about Port Forwarding HERE
  • Change the password on the CCTV System– ALWAYS change the manufacturer’s default password. Also, have a mix of uppercase and lowercase letters and digits to strengthen the password, for example “A$kMe” is much stronger than “askme”. You can check your password strength HERE
  • Configure your router’s Firewall – Do you really want to allow anybody on the Internet to have access to your CCTV system? The firewall within your router will allow you to limit access to your CCTV to certain IP address ranges or MAC addresses.
  • Ensure that the firmware on the CCTV System is up to date – Manufacturers may address any security or vulnerability issues with newer firmware, always ensure you have the latest firmware to ensure that you have added protection.

There are other methods of increasing security of your Internet connected CCTV systems which are way beyond the remit of this blog, but by implementing these five simple steps, you can reduce the chances of your CCTV system being attacked.

One thing to remember is that a CCTV system is basically a PC, they may not look or operate like one, but underneath they will be running an operating system which may well be Windows or Linux based, meaning that they are vulnerable to the same sorts of threats as desktop PCs.

It’s worth bearing in mind the next time you put one of your customers’ CCTV systems online.

Genie CheckMyCCTV Promotion

Buy a Genie DVR in September and October to qualify for FREE CheckMyCCTV Status and Operation monitoring software and a 1-year licence for each unit purchased.

CheckMyCCTV allows you to diagnose issues on your CCTV installations to ensure they are operating correctly at all times. Find out more about CheckMyCCTV HERE

UPDATE: This offer now includes our Hosted CheckMyCCTV Service for 1-year for each unit purchased. The hosted service includes Daily checksDaily Status Report emails, and Web based CCTV Status viewing for your browser or Smartphone.

Genie DVRs purchased in September and October have a voucher in the box with a unique code. To claim your free licenses, register the voucher code(s) below:

[si-contact-form form=’5′]
Terms and Conditions
1. Genie CCTV Ltd. and CheckMySystems Ltd. reserve the right to remove this offer at any time without prior notice.
2. Offer only valid on Genie BDVR, EDVRH, and GDVRH products with vouchers in the box.
3. Offer runs from September 1st 2012 until October 31st 2012.
3. One software installation and a maximum of 25 licenses permitted per company.
4. Vouchers expire on December 31st 2012.

Cut the cost of remote CCTV maintenance

CheckMyCCTV Maintenance Over the last 30 or so years, CCTV maintenance contracts have barely changed. Usually consisting of One or Two scheduled ‘pre-emptive’ maintenance visits a year to check that the system is working correctly.

In the era of tape based CCTV recording, scheduled maintenance was required to maintain the quality of recordings as the tapes and VCR heads became worn over time, but with digital CCTV systems this is not the case.

Pro-active not Pre-emptive

With modern Digital CCTV systems, there is no gradual degradation of recording quality between maintenance visits. CheckMyCCTV can monitor network connected CCTV systems for faults and recording issues, allowing maintenance visits to be targeted towards sites that actually need them.

Scheduled maintenance visits only ensure that your customers’ CCTV systems are working on the day of the visit, or two for bi-annual maintenance, but what about the other 363 days of the year when there’s no engineer on site?

Remotely Monitored Fault Reporting

CheckMyCCTV changes the way CCTV maintenance visits can be conducted. By automatically providing  Remotely Monitored Fault Reporting your customers are getting a maintenance package which is suited to the Digital era.

The benefits of remotely monitoring your customers’ CCTV systems for faults include:

  1. Peace of mind that your customers’ installations are working 365 days of the year.
  2. Immediate notification of fault conditions, often before the customers are aware of them.
  3. Proactive approach to customer service, rather than expecting your customers to detect issues.
  4. Increased efficiency of maintenance contracts – Pay As You Go and reduced visits to provide you and your customers with a ‘best value’ proposition.
  5. Reduced Costs of site visits by taking service engineers off the road, reducing fuel and labour costs, and improving the first visit fix rate.

A typical installer with 100 remote sites can save more than 30% of their Labour and Fuel costs by replacing two scheduled site visits with a single scheduled site visit and an emergency site visit triggered by CheckMyCCTV.

Pay As You Go Maintenance contracts

Current Pay As You Go maintenance contracts require the customer to detect faults and report them to the installer, in reality customers only tend to discover faults when they require footage from the CCTV system which is often not available. At this point, the damage is already done, the system you installed and maintain did not work and whether it is your fault or not, it is the your name and reputation that are tarnished.

By implementing CheckMyCCTV, faults are detected as soon as they happen, allowing you to pro-actively contact your customer to advise and arrange a site visit.

The next time you get a call from your customers to report a fault with their CCTV system, think how much better it would have been if it were you telling them that you have found a fault and you’re sending someone to fix it.

It’s time to drag maintenance contracts into the digital era, provide your customers with a better service for less with CheckMyCCTV. Contact Us for a FREE Trial to see how.

 

 

Beta support for Genie DVR released

CheckMyCCTV Genie Beta supportCheckMyCCTV now supports Health, Status, and Operation monitoring for Genie DVR products. If you would like to participate in the Beta Programme, please register to download the Trial and let us know that you are using Genie DVR products.

 

You can send your feedback, comments and suggestions to feedback@nullcheckmysystems.com and we’ll respond to every email.

CheckMyCCTV is currently supporting the Core test functionality for Genie DVRs including:

  • Network Connection
  • Time/Date Accuracy
  • Camera Status
  • Disk Recording
  • Recording Duration
For more information on Genie products visit www.geniecctv.com

 

New Feature: Camera Tamper Detection

CheckMyCCTV Camera Tamper Detection launched

A CCTV system is only as good as the images it is recording. So if your cameras have been tampered with, your CCTV system may be as good as useless if the cameras are not recording the intended target area.

The problem is, how do you know when they have been moved? If the cameras are tampered with the system would carry on recording and the user would be blissfully unaware that their CCTV system is severely compromised. A manual check could be done, but this would be a hugely time consuming exercise comparing a ‘reference’ image against the current image.

CheckMyCCTV already monitors for camera faults, but it now goes one step further and monitors for camera tampering.

How does it work?

The Camera Tamper Detection function in CheckMyCCTV works by taking snapshots from each camera every day at user defined times (usually one during the day, and one at night). These are analysed and compared with images from the previous day, if the new image changes its view by more than user defined threshold, an alert is generated.

Camera Tamper Detection is a semi-automatic check, meaning that although CheckMyCCTV will generate an alert when the image has changes above a certain threshold. It is designed to augment manual camera checks, giving the operator an indication that a camera may need to be investigated further.

What can it detect?

Using the Camera Tamper Detection feature, CheckMyCCTV can now monitor and report when cameras are moved, obscured, covered, or sprayed, using existing network connected CCTV recorders without having to purchase additional equipment.

A typical application for Camera Tamper Detection could be in a shop or retail environment, where cameras are trained on the Till areas, or at entrance/exit doorways of buildings. An alert would be triggered if these important cameras are moved or obscured.

We’re not going to claim that camera tamper detection is 100% accurate, it is designed as an automated ‘first pass’ to give the operator a means of quickly checking whether reported cameras have indeed been tampered with.

 

Visit all your sites, without leaving your seat

With today’s high fuel costs, making unnecessary maintenance visits to customers’ sites can add a pretty high hidden cost to your bottom line. For example, a typical 100 mile round trip will cost in excess of £15. In isolation that may not seem a great amount, but how many miles do your service engineers cover in a month?

CheckMyCCTV can reduce the number of service visits you make by connecting to all your sites and automatically diagnosing issues before an engineer goes anywhere near the site. If a site visit is required, it can be made with all the correct replacement parts and tools without having to make a return trip, saving fuel, time, and manpower, and in an ever increasing green economy, reduce your carbon footprint.

CheckMyCCTV can not only help reduce the number of service visits, but also ensure service visits are more targeted, and improve efficiency within a service team. This was demonstrated to us this week when a hard disk failure was reported by a CheckMyCCTV monitored system – the end user was blissfully unaware of any issues because the system looked like it was operating correctly, it just wasn’t recording!

The installer was immediately alerted to the hard disk failure by CheckMyCCTV, which also indicated the required replacement hard disk size. The installer then contacted the customer to let them know they would visit to repair the faulty unit, before they were even aware there was a fault.

One check, One call, One visit, One happy customer!

Try CheckMyCCTV now and see how it can improve your service efficiency.

Can you check your CCTV in under 20 seconds?

You can with CheckMyCCTV! The latest updates to the test engine now make it possible to comprehensively check your Dedicated Micros CCTV system and cameras in under 20 seconds*.

As an installer or RVRC, your customers may expect (or demand) that you regularly check their CCTV system. CheckMyCCTV is a simple and most cost effective way to ensure that your customers sites and your reputation remain in good health.

CheckMyCCTV automatically and autonomously checks many aspects of the CCTV system and gives you a status report in less than 20 seconds. If you had the time, patience, and persistence, you could (probably) manually perform all the tests that CheckMyCCTV does.

If you want to give it a try, here’s the tests you’d have to perform……on your marks….get set……GO!

  • Check that you can connect to the DVR.
  • Check that the time and date is correct.
  • Check that all the cameras are working.
  • Check that the unit is recording. (Are you sure it’s recording?)
  • Check that the hard disks are working.
  • Test the network bandwidth of the DVR. (Are you losing the will to live now?)
  • Take a daily configuration backup from the DVR.
  • Check that the DVR is actioning alarms. (Are we nearly there yet?)
  • Check that the DVR is connecting to a central station on alarm, etc etc.

I think you get the picture. In all there are up to 22 individual checks that CheckMyCCTV performs on every unit, every hour of every day.

So, do you really have time to check your CCTV systems manually? Find out how much time and resource CheckMyCCTV can save you, contact us today for a FREE 14-day trial.

 

* Tests conducted on a standard BT Broadband connection at 6Mb/s download and 330Kb/s upload using a 2.8GHz Pentium 4 PC.

New Feature: Secondary Network Check

CheckMyCCTV checks that there is a network connection to the CCTV system and will report an alert if the connection fails.

Acting on customer feedback, CheckMySystems has introduced a secondary network check, which checks a secondary IP/Hostname address if the Primary IP address fails or does not respond.

The improved network check gives users a better indication as to whether it is the CCTV system which has an issue, or if there is an issue with the network or broadband connection that the CCTV system is connected to.

A typical Secondary IP address could be another device on the same network as the CCTV system, such as another DVR/NVR or the broadband router.

How does the enhanced network check work?

CheckMyCCTV repeatedly checks network connectivity to the CCTV system, and reports any issues, here are the available combinations with the enhanced network check:

  1. The Primary address passes – No alert indication.
  2. The Primary address fails, and the Secondary address passes – Possible issue with the CCTV System.
  3. The Primary address fails, and the Secondary address fails – Possible issue with the network connection to the site.

Typical issues if both the Primary and Secondary addresses fail could be:

  • Loss of broadband/network connection.
  • A change to the router/firewall configuration.
  • Loss of power on the site.
  • A problem with the network connection on the site.

The Enhanced Network Check function is available to all CheckMyCCTV users, click on Help > Check for updates to upgrade.