Combating the cyber attack threats in a networked surveillance world

7 May, 2019
In the past, physical surveillance systems were most at risk of being damaged by natural causes, such as the weather or intentional tampering, such as vandalism. However, now surveillance has been digitized with the invention of the IP camera, they are now at risk from an unseen threat: cyber-attacks. Furthermore, the intention of the attacker is not always to simply disrupt the surveillance feed, it could also be that they are interested in collecting the system’s data, harvesting its resources, or even bringing down the organization’s network infrastructure.

Axis has released a whitepaper covering three specific ways in which a system could be exploited in a surveillance system. The specific threats are firmware tampering, supply-chain tampering, and extraction of private keys, which are often caused by authorized personnel accidentally or deliberately misusing the system.

In particular, the whitepaper looks at some exciting solutions Axis has developed to counter cyber threats in security systems. The first is firmware signing for supply-chain tamper prevention. This is needed because, in theory, any “middle men” coming into contact with a device, for example during transit, could alter the device’s boot partition to allow firmware integrity checks to be bypassed. This means that during a firmware update, compromised firmware could also be installed onto the system. However, by using Axis secure boot process, a device can boot only with authorized firmware. The technology behind the secure boot process consists of an unbroken chain of cryptographically validated software, starting in immutable memory (boot ROM). Being based on the use of signed firmware, secure boot ensures that a device can boot only with authorized firmware.

The second is a trusted platform module (TPM), which provides a set of cryptographic features suitable for protecting information from unauthorized access. The private key is stored in the TPM and never leaves the TPM. Once access to the key has been requested, it is sent to the TPM to be processed before being released, ensuring the secret part of the certificate never leaves the secure environment, even in the event of a security breach.

Although these measures are above and beyond current regulation, it is worth familiarizing yourself with the cyber threats your organization may face.

Learn more about the measure you can take to reduce the risk of common threats
Axis Hardening Guide Signed FW, secure boot and trusted platform module
More about