Posted on

Security For Your Security

Security for your Security

If you’ve created an account on any website in the last 5 years, you’ll be familiar with password requirements. 8 characters, alphanumeric, etc… sometimes even special characters. Regardless of its inconvenience, it’s a good practice. So, what does that have to do with your CCTV system? And what do we mean by Security for your Security?

A surprising number of people leave the default password on their home security systems and cameras. A staggering number, actually. “It’s easy to remember,” you may say. Well… that’s true, but it’s also easy for anyone in the world to gain access to. And then access your CCTV system. Maybe it’s your home security system, so they can peek in on your family. Maybe your business security system, so they can keep track of when you are and aren’t in the office / store. Maybe it’s just to access your system to add to a botnet (https://en.wikipedia.org/wiki/Botnet).

Simply put, a botnet is a network of devices that can be used to do harm, like sending a DDOS (Distributed Denial of Service) attack, steal information, send spam, or give the attacker access to said systems. If you think P.C.s are the only devices that are vulnerable, you may be surprised to find out that even Smart Refrigerators have been used in some botnet attacks. Chills your drinks, and takes out a government server!

Most people would like to believe that it wouldn’t happen to them, but sincerely, why take that risk? It’s really a simple thing to prevent. It turns out that “password” isn’t really a great password.

How would you prevent this from happening? Strong passwords are a good start. You really should consider a password that’s at least 9 characters long, alphanumeric, with special characters, and varied case. Also, rename the admin account, rather than just using the name ‘admin’. Here’s an example of a changed username and strong password:

Username: DAdams42

Password: h3@r70Fg01d

The password above has a special character, varied case, five numbers, and it’s 11 characters in length. Just write it down and keep it in your wallet or other safe place, if need be.

Yeah, it’s a bit of a pain to put that in every time you’d like to view playback on your NVR, but it’s better than someone being able to access your personal cameras. Now, this mostly applies to IP Cameras, but also goes for any home CCTV system that’s connected to the internet. IP cameras and systems just happen to be a bit more neglected as far as passwords go.

Now, keep in mind that if viewing your CCTV system from outside your home or office isn’t a big deal to you, you can always just leave it disconnected from the internet. That will prevent anyone from being able to connect to it remotely.

This author isn’t usually an alarmist, but botnets like Mirai and the newest one The Reaper (yeah… doesn’t really invoke images of bunnies and rainbows), can cause serious damage, and most people have no idea that their hardware is being used for this kind of thing. I’m going to include some reading material for you guys just below here, but to sum up my point, you really should consider security for your security. It’s a simple measure than can save some hassle and embarassment. And can prevent people from using your equipment and internet connection to do harm to others. Plus, the internet doesn’t need to see video of you in your skivvies.

https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/

https://en.wikipedia.org/wiki/Mirai_(malware)

https://www.cnet.com/news/fridge-caught-sending-spam-emails-in-botnet-attack/

Leave a Reply

Your email address will not be published. Required fields are marked *