Video camera users operating under a false sense of cybersecurity

Research from Hanwha Vision Europe reveals a worrying gulf between users’ insistence that their video systems are protected from cyber-attacks – and their widespread failure to implement even simple measures to keep them secure.

The survey of over 1,000 IT and security managers across Europe reveals that an overwhelming 92% of IT and security managers claim their security systems, including video surveillance systems, are protected or highly protected from cyber-attacks.

Yet such confidence appears misplaced, as their organisations are not implementing even basic measures such as changing camera usernames and passwords (26%), ensuring their devices are running the latest firmware (12%), or securing access to Networked Digital Recorders (NDRs) and other devices (6%).

The research also discovered an alarming lack of awareness of cybersecurity regulations and compliance measures among those on whom organisational cybersecurity depends.

With less than one in two (47%) aware of the second Network and Information Security Directive (NIS 2), and only 23% familiar with the Cyber Resilience Act (CRA), these revelations provide cause for concern, as both EU regulations come into effect in October 2024.

Separately, Hanwha Vision’s research also reveals insufficient promotion of cybersecurity best practices at an organisational level. While around one in four (26%) promote the use of Multi-Factor authentication, only one in 10 organisations push the use of strong passwords.

John Lutz Boorman, Head of Product and Marketing at Hanwha Vision Europe, expressed alarm at organisations’ failure to implement even basic cybersecurity measures, as he urged users and the security industry to treat the research findings as a “wake-up call”.

“With the number of cyber-attacks on the rise, and the cost and impact of these security breaches growing all the time, organisations must match words with actions to boost their video network resilience,” Boorman noted.

“Like any IoT device, an unsecured video camera can present a tempting route into an organisation’s network for bad actors – but even simple measures can help close off this path,” he continued.

The research found that failure to follow best practices for keeping video surveillance networks safe from cyber-attack is not unique to any sector and is highly prevalent even in high-risk industries with extensive experience of cybercrime, such as financial services.

“While it is the user’s responsibility to keep their networks secure, it is clearly in the interest of manufacturers and installers to help them maintain system resilience, and the wider security industry must do more to help,” said Boorman.

www.hanwhavision.eu