Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Physical Security

10:00 AM
Wayne Dorris
Wayne Dorris
Connect Directly
E-Mail vvv

The Line Between Physical Security & Cybersecurity Blurs as World Gets More Digital

Security teams are being challenged by the connected nature of IP devices, and preventing them from being compromised by cybercriminals has become an essential part of keeping people and property safe.

As the technological landscape has evolved, the security industry has evolved with it. Analog devices are largely a thing of the past, and the rise of connected devices has enabled security technology to make incredible advances in recent years. Today, surveillance video can be analyzed in real time, generating automatic alerts when suspicious behavior is detected. Intelligent audio solutions can detect raised voices or breaking glass. Access control stations can keep intruders out of restricted areas while notifying the appropriate authorities.

Related Content:

Out With the Old Perimeter, in With the New Perimeters

The Changing Face of Threat Intelligence

New on The Edge: Loyal Employee ... or Cybercriminal Accomplice?

Protecting people and property is as important as ever, and devices like IP cameras and other sensors have put powerful new capabilities in the hands of security teams. But the connected nature of these devices has brought new challenges to bear on security teams, and preventing them from being compromised — or even commandeered — by cybercriminals has become an essential part of keeping people and property safe.

Understanding the Threat
The idea that physical security devices can be hacked is hardly new. The high-profile Ring hack in 2019 resulted in the compromise of doorbells and home security cameras across four states, underscoring the fact that even companies like Amazon, with seemingly infinite resources, are not immune to this type of vulnerability.

This is a problem across a wide range of industries. As more devices are connected to the Internet, they become attractive targets for criminals. Webcams are so widely understood to be vulnerable that "webcam covers" are now commonplace. Studies have shown that vehicles can be hacked while driving down the highway. Even pacemakers have proven susceptible to attack — while implanted in the human body. If devices ranging from doorbells to artificial hearts can be targeted by cybercriminals, it should come as little surprise to those in the security industry that surveillance cameras and door stations are potential targets as well.

Connected devices often serve as a pivot point for cyberattacks. If one IP camera is compromised, it likely means the entire network is compromised. And while controlling the surveillance cameras protecting a property might enable some Ocean's 11-style heist hijinks, it is more likely to lead to a serious data breach as the intruder moves throughout the network looking for high-value information, such as intellectual property data or customers' personal or financial information. In the case of power plants, chemical plants, and other properties using industrial control systems, a compromised network has the potential to lead to even more disastrous — and explosive — results.

The Role of Manufacturers and Integrators in Keeping Things Cybersecure
For physical security, this means, for starters, that everyone involved in the manufacturing, installation, operation, and maintenance of physical security devices needs at least a base-level understanding of cybersecurity challenges. If each new device that connects to a network represents a potential inroad for would-be cybercriminals, protecting those devices at every level becomes essential. Which makes it more important than ever for an organization's security department to work closely with the IT team.

For manufacturers, the importance of forcing users to change default credentials before first use has never been higher. The Mirai botnet, one of the most well-known and successful pieces of malware in history, infected millions of connected devices across the globe by exploiting common default username/password combinations. While manufacturers have been aware of the importance of changing default passwords, we are now seeing mechanisms being put in place to ensure a device doesn't function until the password is changed. Going even further, some states, including California, have reinforced that knowledge with legislation mandating their use.

Similarly, integrators must be able to keep devices protected during and after the installation process, avoiding the sort of misconfigurations that cyberattackers are known to exploit. IT departments and users themselves also bear a degree of responsibility when it comes to securing their devices by installing product updates and patches in a timely manner. Organizations must ensure that their employees understand the importance of protecting every device on the network, while also effectively vetting the security knowledge and capabilities of both their manufacturer and integrator partners.

Bridging the Gap Between Physical and Digital
The proliferation of advanced, Internet-enabled devices like IP cameras and access control stations has put exciting new tools in the hands of security teams; however, it's critical for security professionals to understand the potential challenges they bring with them. Connected devices have become a common target for cybercriminals hoping to steal valuable data or even cause potential destruction of property. Protecting those devices through effective cybersecurity now goes hand-in-hand with physical security, creating a convergence of the physical and digital realms that reflects the increasingly interconnected state of today's world.

Wayne Dorris is the business development manager for cybersecurity at Axis Communications, where he generates awareness, assists with cyber strategy and demand in Axis products. He also influences IP solutions for all segments of Axis' business relative to cyber solutions ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
12/16/2020 | 2:31:08 AM
No castle is impregnable
read with I gree author's opinion I think that we need a native secure of device of capability to protect our digital/physical world!
Visit the Web's Most Authoritative Resource on Physical Security

To get the latest news and analysis on threats, vulnerabilities, and best practices for enterprise physical security, please visit IFSEC Global. IFSEC Global offers expert insight on critical issues and challenges in physical security, and hosts one of the world's most widely-attended conferences for physical security professionals.

Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...