[av_two_third first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_heading tag=’h3′ padding=’10’ heading=’Is your physical security system an attack surface for hackers? ‘ color=” style=” custom_font=” size=” subheading_active=” subheading_size=’15’ custom_class=” admin_preview_bg=”][/av_heading]
[av_image src=’https://physical.viakoo.com/wp-content/uploads/2015/01/cyber-security-video-shutterstock-300×225.jpg’ attachment=’6261′ attachment_size=’medium’ align=’center’ styling=” hover=” link=” target=” caption=” font_size=” appearance=” overlay_opacity=’0.4′ overlay_color=’#000000′ overlay_text_color=’#ffffff’ animation=’no-animation’ admin_preview_bg=”][/av_image]
[av_textblock size=” font_color=” color=” admin_preview_bg=”]
Physical security systems are increasingly being targeted by cyber-criminals, with new exploits and vulnerabilities being discovered every day. To keep on top of these threats requires a new way – Viakoo. As the leading physical security system and data verification solution Viakoo’s purpose built technology can help you see all sorts of issues in your physical security system, including cyber threats.
[/av_textblock]
[av_textblock size=” font_color=” color=” admin_preview_bg=”]
Please scroll below to understand how Viakoo addresses today’s key cyber threats like Devil’s Ivy, Mirai, Persirai, and the use of default camera device passwords.
Other resources include:
Securing the Security Network: 12 point checklist (our most popular download)
Automated Default Password Checking: learn more about Viakoo’s recently launched automated default password checking capability
Viakoo Blog: Check out our recent post on physical security systems as attack surfaces.
[/av_textblock]
[/av_two_third]
[av_one_third min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_heading tag=’h3′ padding=’10’ heading=’Viakoo has solutions.’ color=” style=” custom_font=” size=” subheading_active=” subheading_size=’15’ custom_class=” admin_preview_bg=”][/av_heading]
[av_heading tag=’h3′ padding=’10’ heading=’Get Started Now – Please Provide Your Contact Info and We’ll be in Touch’ color=” style=” custom_font=” size=” subheading_active=” subheading_size=’15’ custom_class=” admin_preview_bg=”][/av_heading]
[av_codeblock wrapper_element=” wrapper_element_attributes=”]
[/av_codeblock]
[/av_one_third][av_hr class=’default’ height=’50’ shadow=’no-shadow’ position=’center’ custom_border=’av-border-thin’ custom_width=’50px’ custom_border_color=” custom_margin_top=’30px’ custom_margin_bottom=’30px’ icon_select=’yes’ custom_icon_color=” icon=’ue808′]
[av_one_third first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_heading heading=’Devil’s Ivy Vulnerability’ tag=’h3′ style=” size=” subheading_active=” subheading_size=’15’ padding=’10’ color=” custom_font=” admin_preview_bg=”][/av_heading]
[av_textblock size=” font_color=” color=” admin_preview_bg=”]
According to Senrio (who discovered this vulnerability):
Devil’s Ivy results in remote code execution,and was found in an open source third-party code library, from gSOAP. When exploited, it allows an attacker to remotely access a video feed or deny the owner access to the feed.
[/av_textblock]
[/av_one_third]
[av_two_third min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_icon_box position=’left’ icon_style=” boxed=” icon=’ue812′ font=’entypo-fontello’ title=’How Viakoo Helps’ link=” linktarget=” linkelement=” font_color=” custom_title=” custom_content=” color=” custom_bg=” custom_font=” custom_border=” admin_preview_bg=”]
There are three key mechanisms used by Devil’s Ivy that can be detected and alerted by Viakoo:
1: Flaw to continually reboot the camera: Viakoo will see tcp/udp port change, camera uptime change
2: Change network settings and block the owner from viewing the video feed. With Viakoo you can be automatically alerted nwhen there is no video stream
3: Reset the camera to factory default, which will prompt the attacker to change the credentials, giving them exclusive access to the camera feed. Viakoo has automated checking if a camera is using a default password, making it easy to scan for this change.
[/av_icon_box]
[/av_two_third]
[av_one_third first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_heading tag=’h3′ padding=’10’ heading=’Mirai & Persirai Botnets’ color=” style=” custom_font=” size=” subheading_active=” subheading_size=’15’ custom_class=” admin_preview_bg=”][/av_heading]
[av_textblock size=” font_color=” color=” admin_preview_bg=”]
Like other IoT botnets, Mirai and Persirai take advantage of open Universal Plug and Play (UPnP) ports on IP cameras to infect them. Once on an IP camera, the malware is designed to connect to a command-and-control server and download software for launching DDoS attacks against specific targets.
[/av_textblock]
[/av_one_third]
[av_two_third min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_icon_box position=’left’ icon_style=” boxed=” icon=’ue812′ font=’entypo-fontello’ title=’How Viakoo Helps’ link=” linktarget=” linkelement=” font_color=” custom_title=” custom_content=” color=” custom_bg=” custom_font=” custom_border=” admin_preview_bg=”]
Viakoo is constantly analyzing your physical security infrastructure for abnormal or out-of-bounds conditions. With botnets that commandeer resources in order to launch attacks Viakoo can alert you when unusual traffic is detected from the camera device, and can also be used to look at other resources on the physical security network for potential cyber-security issues.
[/av_icon_box]
[/av_two_third]
[av_one_third first min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_heading tag=’h3′ padding=’10’ heading=’Cameras with Default Passwords’ color=” style=” custom_font=” size=” subheading_active=” subheading_size=’15’ custom_class=” admin_preview_bg=”][/av_heading]
[av_textblock size=” font_color=” color=” admin_preview_bg=”]
Probably the most common vulnerability in a physical security system is when IP connected cameras are using default passwords. These are easily obtained, and can provide hackers with access to video streams and put them in control of the camera device.
[/av_textblock]
[/av_one_third]
[av_two_third min_height=” vertical_alignment=” space=” custom_margin=” margin=’0px’ padding=’0px’ border=” border_color=” radius=’0px’ background_color=” src=” background_position=’top left’ background_repeat=’no-repeat’ animation=” mobile_display=”]
[av_icon_box position=’left’ icon_style=” boxed=” icon=’ue812′ font=’entypo-fontello’ title=’How Viakoo Helps’ link=” linktarget=” linkelement=” font_color=” custom_title=” custom_content=” color=” custom_bg=” custom_font=” custom_border=” admin_preview_bg=”]
Especially with a large number of camera devices it is hard to ensure that they have all had their default passwords changed, and to make sure the new password is not an easy to guess or common password. Viakoo can automatically scan all camera devices on your network, and will generate a report showing exactly which cameras are still using a default or easy to guess password.
[/av_icon_box]
[/av_two_third]