In the last few years the CCTV industry went through major changes, from analog to digital and from stand alone to network connected. And, setting up a system today, you need more knowledge in networking then in Video Audio systems. The majority of end users prefer their system connected to their business or home computer network. The main advantage of that decision is so they can access their CCTV system from multiple devices or multiple locations. The main disadvantage of such ability is security.
3-4 years ago, the main complaints about the failure of the surveillance system were fairly ordinary: splattered paint, broken camera, stolen camera, failure to record and etc. Today, when your CCTV system is integrated into your corporate network, the system becomes a target as well as a weak spot for hackers that will take advantage and will use your CCTV system to do one of of the following:
- Watch and listen to any video/audio content that your system is recording or viewing
- Share the privacy of your home with the rest of the world
- Access your computer network through the back door of the CCTV system
- Simply turn your system off when they need to illegally infiltrate your property
Be sure to consult with experts in the installation of video surveillance systems. They are always exploring new as well as the most likely vulnerabilities. In each case, security protection requires expertise and may result in a high or low degree of protection of CCTV devices. But, right now, I want to talk about the basic configuration of a security setup for a CCTV system that will eliminate 99% of the hack attempts on your system. Here is an example!
In the last couple of weeks we started to get phone calls from customers that complained about strange occurrences with their DVR/NVR. When they access their security recorder through a web-interface they cannot view their cameras under live preview. An error message pops on their screen that says, “No Rights”. Some of the users can view the cameras but cannot login into the “Settings” tab getting the same error message on their screen. Those issues occurred only when they try accessing the DVR/NVR through web-interface. When local access is used, there is no issue at all. The Techpro technical support team researched the issue for a couple of weeks and here what we found.
Any DVR/NVR that is purchased from our securitycameraking.com has a default setup of 4 user accounts. 2 of them are admin accounts and the other 2 are the guest accounts. The 2 guest accounts, the “guest” is for web-interface access and the “666666” is for local access. Both are very limited and are used to limit the access of your guest with what they can view or use. The other 2 admin accounts are the important ones. The “888888” account is for local use only and the “admin” account is your most important account since it can be used to access the DVR/NVR in any way you like and make changes as you wish. Those capabilities make this account very important and also very important to protect. When we checked the user accounts, we found a fifth account, “system” account. The name has nothing to do with your system and it is implemented to conceal the real objective of this account which is to gain administrative privileges to your system. We started to investigate on how this account could have goten there and discovered that all the users that got hacked by this method had one thing in common. They were using the default password “admin” for the admin account, which is a violation of the most basic security protocols in any computer system. The solution for this security breach is simple! Delete the fifth account, named “system” and change your administrative password for the “admin” account from “admin” to your chosen password. Remember that your password cannot exceed 6 characters in our systems. Don’t forget also to change the password on all the devices you are using to access this DVR/NVR system.
It is still hard for us to understand why 50% of our customers that is so aware of the security on their computer system, fail to secure their CCTV system and keep the factory default password, which makes it even worse than an unsecured computer network. Can you imagine if someone is using your system to watch and record your actions when you are in the privacy of your own residence and they also know when you are not at home so they can break into your house or mess up your alarm system without you suspecting anything? These are incidents which can be avoid by simply changing the default password.
There are many additional tips on securing your CCTV system when setting up your remote access. Here are a few simple rules that you should follow:
- When forwarding ports for your CCTV system on your router, do not use the DMZ (demilitarized zone) feature for your surveillance system on your router since enabling this feature will give the user unlimited access to the DVR/NVR that is on the network.
- When you have multiple cameras connected to your NVR, do not forward the ports for all those network cameras. It is unnecessary, since the cameras are used by an NVR that is already forwarded for the remote access.
- Instead of giving the user your admin password, create a user account and allow access only to features that he needs and uses.
- Remember to change the password as often as you can, it will definitely make any hackers life harder to access your system.
Today’s hackers have the ability to hack any system that surrounds us. Every day more new malicious programs are invented and they become more aggressive and unsafe. Since any device or gadget cannot work without human factor the simplest safe way we can protect ourselves is to limit the access to our devices by following some basic safety rules.
For more information please call Techpro Security tech support department at 866-573-8878. You can also post questions and read up on other technical savvy people at our Online CCTV Security Camera Forum.