White Paper
This White Paper is intended to educate the readers regarding threats associated with IP-based
surveillance devices and describes an affordable, best-in-breed, easy-to-configure solution like Web
Application Firewall (WAF) offered by Cyberoam UTM to mitigate these threats.
Security of Surveillance Devices
www.cyberoam.com
First let’s have a quick look at some of the eye-opening hacking incidents of last year.
Hacked Cameras!!!
“The high-end Canon EOS-1D X camera can be hacked for use as a remote surveillance tool, with images remotely downloaded, erased and uploaded, a researcher said during the Hack in the Box security conference in Amsterdam ...”
Result – Privacy breach, misuse of photographs and videos
http://www.csoonline.com/article/731581/hackers-turn-a-canon-eos-camera-into-a-remote-surveillance-tool
A $33 Million Stealer!!!
“A high-roller and hacker accomplices made off with about $33 million after they gamed a casino in Australia by hacking its surveillance cameras and gaining an advantage in several rounds of high-stakes card games.”
Result – Monetary loss of $33 million, loss of reputation, security at stake
http://www.wired.com/threatlevel/2013/03/hackers-game-casino/
“Do you want to see something scary?”
It was a Saturday night, not much happening in her Long Beach, California, neighborhood, so high school senior Melissa Young was home messing around on her computer. Her little sister, Suzy, was doing the same thing down the hall. The house was quiet, save the keyboard tapping in the girls' rooms, when the odd little instant message popped up on Melissa's screen—an IM from Suzy. Attached to the note was a file labeled simply SCARY.
Result – Serious privacy breach, clueless and terrorized victims, and many more intangible losses
http://www.gq.com/news-politics/newsmakers/201201/luis-mijangos-hacker-webcam-virus-internet#ixzz2SEIyRuhq
In light of the above incidents, answer the following questions for your safety:
1. What if the IP cameras you installed in your retail outlet to keep watch on the whole day's activities become the eyes and ears of a potential burglar?
2. What if your emergency alert system goes crazy and starts ringing without any real emergency, creating havoc, and before you understand anything it opens a small door for a potential intruder to enter your otherwise safe systems?
3. What if you are operating your ATM card and your secret PIN number no longer remains secret (and you do not even realize that)?
4. What if one fine day you discover that the feed of your security camera has been selectively deleted, and later you realize that something unusual happened in that selective period?
5. What if your access control system starts giving access to unauthorized users?
Sounds like a sci-fi Hollywood movie, right? But wait, this is not just wild imagination. In this fast-forward world of technology, anything imagined can be turned into reality. And this reality can be devastating, depending on the industry and size of the organization.
So what do you want to be? A helpless, awestruck victim, or an intelligent, proactive, tech-savvy user who understands that security equipment also needs security?
If it is the latter, then an intelligent choice will be Cyberoam Web Application Firewall.
To understand the need for the Cyberoam WAF solution, you first need to understand the deployment of, and the risks associated with, this security equipment.
Understanding IP Camera Deployment
Typical deployment of IP cameras:
There are two types of IP cameras: a centralized IP camera, which relies on a Network Video Recorder (NVR) to handle the video recordings, and a decentralized IP camera, which has built-in recording functionality to record directly to HD, flash drive or any other digital media.
These cameras work on IP (Internet Protocol) and can be accessed and managed over the web using the HTTP or HTTPS protocol. You can access these surveillance devices globally and monitor activities taking place on your organization's premises in your absence. But like any other IP-based devices, these devices are also vulnerable; they can become easy targets for hackers. Some of the IP camera vulnerabilities which were discovered recently are described here:
http://www.theregister.co.uk/2013/05/01/ip_cameras_with_dumb_vulns/
If appropriate security measures are not in place, hackers can exploit any of the Web vulnerabilities existing in your Web cameras. Once hacked and exploited, these devices can turn into a real headache for you and your organization. The recordings can be controlled and manipulated, or the database can be hacked and used for backdoor entry into organization networks. Your privacy, credibility and business can all be at stake.
Every year, hundreds of cases are reported where Web-based security devices, which are meant to safeguard users, actually get compromised and turn into a platform for hackers to launch personal and professional threats.
Here, Cyberoam Web Application Firewall (WAF) comes into the picture.
Cross Site Scripting (XSS)
SQL Injection
Broken Authentication
Unvalidated Redirects
Registered Trademark of Cyberoam Technologies Pvt. Ltd.
www.cyberoam.com
India
901, Silicon Tower, Behind Pariseema Building, Off, C.G.Road,
Ahmedabad 380 006, INDIA, Tel: +91-79-66065606
Toll Free Numbers
USA : +1-800-686-2360 | India : 1-800-301-00013
APAC/MEA : +1-877-777-0368 | Europe : +44-808-120-3958
Cyberoam Technologies Pvt. Ltd.
115 Glendale Avenue, Edison,
New Jersey 08817, USA, Tel: +1-847-235-4684
Cyberoam WAF’s Positive protection model without Signature Tables is the state-of-the-art solution to prevent threats targeting web-based applications; a Web camera or IP camera is one of them. Cyberoam WAF’s Intuitive Website Flow Detector identifies and blocks all application-layer attacks without human intervention and without signature tables or pattern-matching techniques. It blocks any attempts to bypass authentication.
Cyberoam offers SSL offloading, which ensures that while you access your IP cameras over the Web, critical data like user credentials travel in encrypted form. The communication between the management device and Cyberoam WAF remains secure via appropriate encryption methods.
Cyberoam WAF protects against attacks like SQL injection, cross-site scripting (XSS) and cookie poisoning, and prevents exploitation of IP-based security devices. Cyberoam ensures that these security devices are used exactly as intended.
Cyberoam WAF shields any Web environment (IIS, Apache, WebSphere®, etc.) against common server misconfigurations and an ever-expanding universe of known 3rd-party software vulnerabilities.
Cyberoam WAF protects web applications against OWASP threats
Cyberoam WAF’s reverse proxy model for all incoming HTTP and HTTPS traffic provides an additional level of security: the WAF receives all incoming connections from the Web and then refers to the server in order to serve them. By following this model, Cyberoam WAF makes sure that the Web client never gains direct access to the server, so the server remains protected.
Cyberoam WAF protects application-defined URL query string parameters, cookies, and HTML form field values. It automatically identifies and blocks attempts at cookie poisoning and unauthorized account access. It prevents URL query string parameter tampering and other types of browser data manipulation.
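The two checks described above (a positive, default-deny model for declared query parameters, and detection of client-modified cookies), shown as an added example that is not Cyberoam's code or algorithm. The paths, parameter formats, key and function names are hypothetical, and the HMAC cookie seal is one common technique assumed here for illustration.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qsl, urlsplit

# Hypothetical policy for a camera's web UI: anything not declared is refused.
POLICY = {
    "/login": {"user": r"[A-Za-z0-9_]{1,32}"},
    "/live": {"channel": r"[1-9]", "quality": r"(low|high)"},
}
PROXY_KEY = b"constructed-demo-key"  # constructed value; a real key is random and secret


def _tag(value):
    return hmac.new(PROXY_KEY, value.encode(), hashlib.sha256).hexdigest()


def seal_cookie(value):
    """Append an HMAC tag to a cookie value on its way to the browser."""
    return f"{value}.{_tag(value)}"


def open_cookie(sealed):
    """Return the original value, or None if the browser sent a modified cookie."""
    value, _, tag = sealed.rpartition(".")
    ok = hmac.compare_digest(tag.encode(), _tag(value).encode())
    return value if ok else None


def check_request(url, cookie=None):
    """Return (allowed, reason) for a request under the default-deny policy."""
    parts = urlsplit(url)
    declared = POLICY.get(parts.path)
    if declared is None:
        return False, "path not in policy"
    seen = set()
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name not in declared:
            return False, f"undeclared parameter: {name}"
        if name in seen:
            return False, f"duplicate parameter: {name}"
        if not re.fullmatch(declared[name], value):
            return False, f"value outside declared format: {name}"
        seen.add(name)
    if cookie is not None and open_cookie(cookie) is None:
        return False, "cookie modified by client"
    return True, "ok"
```

Because the policy lists what is allowed rather than what is known to be bad, a request with an unknown path, an extra parameter or an out-of-range value is refused without any attack signature.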
As the icing on the cake, Cyberoam WAF provides alerts and logs covering the types of attempted attacks, the source of attacks, the action taken on them and more, which help in complying with the PCI DSS requirements.
Intelligent Threat Mitigation through Cyberoam WAF