Outdated firmware could be putting IP camera security at risk


Tuesday, 10 December, 2019
Outdated firmware could be putting IP camera security at risk

Outdated firmware could be putting security cameras at increased risk of cyber attack, according to new research.

The study — conducted by Genetec — looked at cyber defences in over 44,000 cameras connected to systems that are part of the company’s opt-in product improvement program.

Of cameras sampled, almost seven in 10 were running out-of-date firmware, Genetec said, leaving them without the latest features and, more importantly, the latest cyber protection.

“Our primary research data points to the fact that more than half of the cameras with out-of-date firmware (53.9%) contain known cybersecurity vulnerabilities. By extrapolating this to an average security network, nearly four out of every 10 cameras are vulnerable to a cyber attack,” Genetec Lead Security Architect Mathieu Chevalier said.

Genetec also found that nearly one in four organisations relied on a single password for all cameras from the same manufacturer, giving hackers easy access into the network once only one camera has been compromised, the company said.

Until recently, Internet Protocol (IP) cameras came with default security settings, including admin login information that is often publicly available on manufacturers’ websites, Genetec said. While most camera manufacturers now request users set up a new password and admin credentials at installation, businesses, cities and government organisations with older equipment may not have updated their passwords, potentially compromising other critical data and systems in their network.

“Unfortunately, our research shows that the ‘set it and forget it’ mentality remains prevalent putting an entire organisation’s security and people’s privacy at risk. All it takes is one camera with obsolete firmware or a default password to create a foothold for an attacker to compromise the whole network,” Chevalier said.

“It is critical that organisations should be as proactive in the update of their physical security systems as they are in updating their IT networks,” he concluded.

Image credit: ©stock.adobe.com/au/Goodpics

Related News

Australian ransomware payments average at $9.27 million

Data from Sophos suggests that Australian businesses falling victim to a ransomware attack...

Akamai launches zero trust platform

Akamai's new Guardicore platform combined Zero Trust Network Access with microsgmentation to...

Veeam buys ransomware response company Coveware

Veeam has arranged to augment its cyber extortion incident response capabilities with the...

Content from other channels on our network

Central Highlands Water chooses Infor for ERP

The benefits and risks of AI usage in the public sector

Cobalt Iron earns patent on analytics-based dynamic authorisation control

Shoalhaven City Council uses AI to deliver safer roads to the community

Smart technologies: helping councils improve community services and sustainability

Govt funds telco resilience tech, responds to LEOSat report

Extreme enclosure heli-lifted into an extreme environment

Cyber secured at critical network device level has never been more important

Cradlepoint 'Vehicle as a Node' is the Next Frontier for Emergency Services

Govt responds to post-incident review of Optus outage

LAPP ÖLFLEX CLASSIC 110 control cables empower industrial connectivity

Delivering Dependable Fibre Optic Solutions for Challenging Environments through Enhanced Beam Cable Assemblies

Indonesia moves towards power grid resilience

Qld networks launch powerline safety campaign

Virtual power plants installed at regional schools

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd