Is your CCTV vulnerable to a network attack?

Connecting CCTV systems to the Internet is very common these days, it gives the user the ability to view and control their CCTV systems remotely.

However, we have found that a high proportion of internet connected systems are vulnerable to attack, either pre-meditated, or using automated ‘bots’.

Such attacks can render a CCTV system useless by either corrupting or deleting the settings, deleting video recordings, or preventing access to the device (Denial of Service attack). They can also be used to cause damage to other devices that are connected to the CCTV system.

In this blog I will highlight some potential vulnerabilities, and give you 5 simple steps to reduce the chances of your CCTV systems being attacked.

Why are Internet connected CCTV systems attacked?

It is unlikely that a hacker or bot wants to attack your CCTV system at all, they are more likely looking for web servers or file servers that they can gain access to.

Unfortunately, modern IP connected CCTV systems often have web servers and file servers built into them which are used to configure the system using web pages, display video images, or download archived video footage.

So even though your CCTV system may not be a prime target for a bot, it can still do some serious damage to your system if they can gain access to it.

How are Internet connected CCTV systems vulnerable?

There are many reasons why a CCTV system may be vulnerable to an attack. The most common being:

  1. The device responds to Ping requests.
  2. It’s using common IP socket ports such as port 80 (HTTP), port 21 (FTP), and port 23 (Telnet), or the default ports.
  3. A low strength password is being used, or the password has not been changed from the manufacturer’s default.
  4. The system is open to connection from any source.
  5. There are vulnerabilities within the DVR software/firmware.

This isn’t an exhaustive list, but these are the most common reasons why internet connected CCTV systems are vulnerable.

How do I make my Internet connected CCTV systems less vulnerable?

In the first instance, it is worth addressing each of the points above to see if there are immediate issues which can be resolved:

  • Ensure the CCTV system does not respond to Ping requests – Ping is a method used to detect whether an IP device is connected online. If the DVR (or the router it is connected to) responds to Ping requests, it may alert potential attackers that a device  is available to attack. Turn off Ping response in the Router and DVR to prevent this from happening.
  • Change the IP port that is used to access the unit over the Internet –  If the DVR is using port 80, 21, or 23, see if these can be changed on the DVR itself. If that is not possible, change the router settings to use Port Forwarding, so that traffic on a specific incoming port number will be forwarded to the correct port of the DVR on the network. For example, you could forward any traffic on port 3080 to the DVR on port 80, so any external connection to the IP address on port 3080 will get through, but connections to port 80 will not. You can find out more about Port Forwarding HERE
  • Change the password on the CCTV System– ALWAYS change the manufacturer’s default password. Also, have a mix of uppercase and lowercase letters and digits to strengthen the password, for example “A$kMe” is much stronger than “askme”. You can check your password strength HERE
  • Configure your router’s Firewall – Do you really want to allow anybody on the Internet to have access to your CCTV system? The firewall within your router will allow you to limit access to your CCTV to certain IP address ranges or MAC addresses.
  • Ensure that the firmware on the CCTV System is up to date – Manufacturers may address any security or vulnerability issues with newer firmware, always ensure you have the latest firmware to ensure that you have added protection.

There are other methods of increasing security of your Internet connected CCTV systems which are way beyond the remit of this blog, but by implementing these five simple steps, you can reduce the chances of your CCTV system being attacked.

One thing to remember is that a CCTV system is basically a PC, they may not look or operate like one, but underneath they will be running an operating system which may well be Windows or Linux based, meaning that they are vulnerable to the same sorts of threats as desktop PCs.

It’s worth bearing in mind the next time you put one of your customers’ CCTV systems online.

Cut the cost of remote CCTV maintenance

CheckMyCCTV Maintenance Over the last 30 or so years, CCTV maintenance contracts have barely changed. Usually consisting of One or Two scheduled ‘pre-emptive’ maintenance visits a year to check that the system is working correctly.

In the era of tape based CCTV recording, scheduled maintenance was required to maintain the quality of recordings as the tapes and VCR heads became worn over time, but with digital CCTV systems this is not the case.

Pro-active not Pre-emptive

With modern Digital CCTV systems, there is no gradual degradation of recording quality between maintenance visits. CheckMyCCTV can monitor network connected CCTV systems for faults and recording issues, allowing maintenance visits to be targeted towards sites that actually need them.

Scheduled maintenance visits only ensure that your customers’ CCTV systems are working on the day of the visit, or two for bi-annual maintenance, but what about the other 363 days of the year when there’s no engineer on site?

Remotely Monitored Fault Reporting

CheckMyCCTV changes the way CCTV maintenance visits can be conducted. By automatically providing  Remotely Monitored Fault Reporting your customers are getting a maintenance package which is suited to the Digital era.

The benefits of remotely monitoring your customers’ CCTV systems for faults include:

  1. Peace of mind that your customers’ installations are working 365 days of the year.
  2. Immediate notification of fault conditions, often before the customers are aware of them.
  3. Proactive approach to customer service, rather than expecting your customers to detect issues.
  4. Increased efficiency of maintenance contracts – Pay As You Go and reduced visits to provide you and your customers with a ‘best value’ proposition.
  5. Reduced Costs of site visits by taking service engineers off the road, reducing fuel and labour costs, and improving the first visit fix rate.

A typical installer with 100 remote sites can save more than 30% of their Labour and Fuel costs by replacing two scheduled site visits with a single scheduled site visit and an emergency site visit triggered by CheckMyCCTV.

Pay As You Go Maintenance contracts

Current Pay As You Go maintenance contracts require the customer to detect faults and report them to the installer, in reality customers only tend to discover faults when they require footage from the CCTV system which is often not available. At this point, the damage is already done, the system you installed and maintain did not work and whether it is your fault or not, it is the your name and reputation that are tarnished.

By implementing CheckMyCCTV, faults are detected as soon as they happen, allowing you to pro-actively contact your customer to advise and arrange a site visit.

The next time you get a call from your customers to report a fault with their CCTV system, think how much better it would have been if it were you telling them that you have found a fault and you’re sending someone to fix it.

It’s time to drag maintenance contracts into the digital era, provide your customers with a better service for less with CheckMyCCTV. Contact Us for a FREE Trial to see how.

 

 

CheckMyCCTV Starter Pack Promotion

For a limited time, we’re offering new customers our CheckMyCCTV Starter Pack, which gives you everything you need to start checking the Health, Status, and Operation of your CCTV installations right now, at a great value price.

 

The CheckMyCCTV Starter Pack includes:

 

  • CheckMyCCTV Software (Client/Server)
  • 25 Unit One-year License
  • Remote Configuration*
  • Remote 1-hour Training Session*

Sign up for a 14-day FREE CheckMyCCTV trial today and see if your CCTV systems can be monitored for operational issues and faults, every hour of every day.

* Remote Configuration and Training session requires remote access using free TeamViewer software.

New Feature: Camera Tamper Detection

CheckMyCCTV Camera Tamper Detection launched

A CCTV system is only as good as the images it is recording. So if your cameras have been tampered with, your CCTV system may be as good as useless if the cameras are not recording the intended target area.

The problem is, how do you know when they have been moved? If the cameras are tampered with the system would carry on recording and the user would be blissfully unaware that their CCTV system is severely compromised. A manual check could be done, but this would be a hugely time consuming exercise comparing a ‘reference’ image against the current image.

CheckMyCCTV already monitors for camera faults, but it now goes one step further and monitors for camera tampering.

How does it work?

The Camera Tamper Detection function in CheckMyCCTV works by taking snapshots from each camera every day at user defined times (usually one during the day, and one at night). These are analysed and compared with images from the previous day, if the new image changes its view by more than user defined threshold, an alert is generated.

Camera Tamper Detection is a semi-automatic check, meaning that although CheckMyCCTV will generate an alert when the image has changes above a certain threshold. It is designed to augment manual camera checks, giving the operator an indication that a camera may need to be investigated further.

What can it detect?

Using the Camera Tamper Detection feature, CheckMyCCTV can now monitor and report when cameras are moved, obscured, covered, or sprayed, using existing network connected CCTV recorders without having to purchase additional equipment.

A typical application for Camera Tamper Detection could be in a shop or retail environment, where cameras are trained on the Till areas, or at entrance/exit doorways of buildings. An alert would be triggered if these important cameras are moved or obscured.

We’re not going to claim that camera tamper detection is 100% accurate, it is designed as an automated ‘first pass’ to give the operator a means of quickly checking whether reported cameras have indeed been tampered with.

 

Why is your CCTV not password protected?

We’ve all seen the recent stories of pretty much any device or account being hacked for malicious means; phones, bank accounts, email accounts, Twitter, Facebook etc. etc.

But what about CCTV systems? There are more and more systems being connected online to allow remote viewing, but how safe are they from hackers?

Whilst we have been installing CheckMyCCTV on customers’ sites, it’s been astonishing just how many systems either use the manufacturers default password, or no password at all – 8 out of 10 CCTV systems were using the manufacturers default password.

If a CCTV system is connected to a broadband line and is using the default passwords it can be very easy for an unauthorised user to gain access and do some or all of the following:

  • View and copy images from the CCTV system.
  • Reboot or shutdown the system.
  • Stop cameras from recording.
  • Disable alarms or connection to a Remote Video Receiving Centre (RVRC).
  • Delete or overwrite recordings.
  • Lock out authorised users.

You wouldn’t install a lock and give a key to anyone who happens to knock on the door – which is exactly what you’re doing if you don’t change the default passwords.

Check with the manufacturer regarding how to change the passwords, and put it on your checklist to complete before signing the site off – The integrity of your customers’ CCTV system and your reputation may depend on it.

Visit all your sites, without leaving your seat

With today’s high fuel costs, making unnecessary maintenance visits to customers’ sites can add a pretty high hidden cost to your bottom line. For example, a typical 100 mile round trip will cost in excess of £15. In isolation that may not seem a great amount, but how many miles do your service engineers cover in a month?

CheckMyCCTV can reduce the number of service visits you make by connecting to all your sites and automatically diagnosing issues before an engineer goes anywhere near the site. If a site visit is required, it can be made with all the correct replacement parts and tools without having to make a return trip, saving fuel, time, and manpower, and in an ever increasing green economy, reduce your carbon footprint.

CheckMyCCTV can not only help reduce the number of service visits, but also ensure service visits are more targeted, and improve efficiency within a service team. This was demonstrated to us this week when a hard disk failure was reported by a CheckMyCCTV monitored system – the end user was blissfully unaware of any issues because the system looked like it was operating correctly, it just wasn’t recording!

The installer was immediately alerted to the hard disk failure by CheckMyCCTV, which also indicated the required replacement hard disk size. The installer then contacted the customer to let them know they would visit to repair the faulty unit, before they were even aware there was a fault.

One check, One call, One visit, One happy customer!

Try CheckMyCCTV now and see how it can improve your service efficiency.

New Release: CheckMyCCTV version 1.1.4

CheckMyCCTV version 1.1.4 is now available to download. This version fixes a few minor issues we had found or reported by customers using feedback@nullcheckmysystems.com. Current users can update their software by clicking Help > Check for updates and follow on-screen instructions.

1.1.4 Changelog:

CHANGED – Map web pages available locally for sites without access to CheckMySystems website.

FIXED – Screen at 1024 x 768 resolution do not display test configuration page correctly.

FIXED – When you initially create a Customer, a Site icon is displayed where the Set/Unset Icon should be.

Check your multi-site CCTV installations today

CheckMyCCTV is ideal for monitoring the operation and status of your multi-site installations, especially when sites are located over large geographic areas, are unmanned, or you just need the reassurance that your CCTV systems are working.

It is often difficult to know at any point in time whether your sites are operational, checking manually can be time consuming, repetitive and often inaccurate, especially if there are 10’s or 100’s of sites to check.

CheckMyCCTV not only checks the health of your entire CCTV estate, but also that your sites are configured and operating correctly. Typical operational checks include:

  • Checking that the alarms are operational.
  • Ensuring the site operator is arming/disarming the site.
  • Ensuring that alarms are being monitored by the RVRC,
  • Checking that the system is recording for the required duration, and
  • Checking that the Time and Date of the recordings are accurate.

CheckMyCCTV’s easy to use interface will always keep you up to date with the status of all your sites, no matter where they are.

CheckMyCCTV offers an incredible value proposition for peace of mind – typically less than 1% of the cost of your CCTV installation to monitor your site for a year.

Contact us for a quote or to sign up for a free 14-day trial.


Can you check your CCTV in under 20 seconds?

You can with CheckMyCCTV! The latest updates to the test engine now make it possible to comprehensively check your Dedicated Micros CCTV system and cameras in under 20 seconds*.

As an installer or RVRC, your customers may expect (or demand) that you regularly check their CCTV system. CheckMyCCTV is a simple and most cost effective way to ensure that your customers sites and your reputation remain in good health.

CheckMyCCTV automatically and autonomously checks many aspects of the CCTV system and gives you a status report in less than 20 seconds. If you had the time, patience, and persistence, you could (probably) manually perform all the tests that CheckMyCCTV does.

If you want to give it a try, here’s the tests you’d have to perform……on your marks….get set……GO!

  • Check that you can connect to the DVR.
  • Check that the time and date is correct.
  • Check that all the cameras are working.
  • Check that the unit is recording. (Are you sure it’s recording?)
  • Check that the hard disks are working.
  • Test the network bandwidth of the DVR. (Are you losing the will to live now?)
  • Take a daily configuration backup from the DVR.
  • Check that the DVR is actioning alarms. (Are we nearly there yet?)
  • Check that the DVR is connecting to a central station on alarm, etc etc.

I think you get the picture. In all there are up to 22 individual checks that CheckMyCCTV performs on every unit, every hour of every day.

So, do you really have time to check your CCTV systems manually? Find out how much time and resource CheckMyCCTV can save you, contact us today for a FREE 14-day trial.

 

* Tests conducted on a standard BT Broadband connection at 6Mb/s download and 330Kb/s upload using a 2.8GHz Pentium 4 PC.