Cyber Security Checklist to secure CCTV from Hacking
CCTV is critical to the security of any critical infrastructure. This blog provides a Cyber Security Checklist to secure CCTV from Hacking.
Cyber Security Checklist to secure CCTV from Hacking
(1) Risk Assessment
Risk Assessment is critical concerning CCTV and posed by the environment. It is recommended to perform an exhaustive risk assessment to categorize risks associated with the device and environment.
(2) Supply Chain Security of CCTV
Ensure supply chain security of CCTV by verifying software bill of material for third-party components, versioning, and published vulnerabilities.
(3) Hardware Root of Trust
Check whether the Cryptography Hardware Root of Trust is provisioned in CCTV for the integrity of running firmware.
(4) Code Review
Ensure code review is done for firmware used in CCTV by the security auditing agency to identify usage of banned C functions, and to mitigate existing vulnerabilities in the used packages.
(5) Memory Protection Techniques
Check memory protection mechanisms such as Address Space Layout Randomisation (ASLR), Data Execution Protection (DEP), Stack Smashing Protector (SSP), read-only relocation (RELRO), etc. are enabled while the development of CCTVs.
(6) Collection of Logs
Ensure provision is available for collecting logs of security events that include authentication attempts, access to debugging, low power, etc.
(7) Use of Reliable Time Stamp
A reliable time stamp is critical for accessing the security logs with genuine time stamps. Ensure provision is available for a reliable time by connecting the system with NTP or with a trusted time source.
(8) Secure Communication
Ensure CCTV supports the security of data in transit by employing communication security such as TLS. It simply means the CCTV device cryptographically verifies the X.509 certificate.
(9) Disable debugging interfaces
Ensure debugging interfaces such as JTAG, UART, SWD, etc. are disabled or protected by strong passwords in CCTV in the field.
(10) Update Mechanism
Ensure Devices use a secure update mechanism to mitigate any identified vulnerabilities on the CCTV devices.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.