Arecont and SIA Failing Cybersecurity Efforts

Author: John Honovich, Published on Jul 22, 2016

Do as we say, not as we do.

The effective motto of the Security Industry Association and their cyber board member Arecont Vision. Today, the two companies issued an interview where they talked cybersecurity.

Ironically, though both companies fail following their own guide.

** ** ** ***, *** ** ** **.

*** ********* ***** ** *** ******** ******** *********** *** ***** cyber ***** ****** ******* ******. *****, *** *** ********* ******** ********* ***** **** ****** *************.

**********, ****** **** ********* **** ********* ***** *** *****.

[***************]

The *****

*** ****** ************** *****. ** ** ****** ***************, ********* ********** *************** ****:

******* ** *****.

******* ******* *********.

SIA *******

***'* *** *******, ****://***.****************.***/ **** *** ******* ** *****. 

**** **********, ***'* ***** **** **** *** *** ***** ***** puts ***'* ***** ** **** ** ******* ***** ********* ******:

[******: *** *** *** ***** ***** ***** **** ** *** https]

*******,*** ****** **** * *** *** *** **** ****** ******:

Arecont *******

******* ***** ** ******** ******.

***, ******* ******* ** *** ******* ***** ** ***. ***** about ****? *** ** ***. *** **** ** ******. (*******: **** ****** ******* ******* *** ** ******)

***, *******'* ***** ****, **** ***, **** *** ******* *****:

[******: ******* ****** *** *** **** ***** ****-****, ********* *** login ****.]

*****,******* **** ****** **** * *** *** *** **** ******.

****** *** ******** **** *********, ******* ******** ** ** ******** at ***. ** ** ******* ********* *****:

******* ****** ******* ** *** **** **** ************** *******

"Thought **********"

******, *** *** ******* **** ************ ********** ** ***** '******* leaders'. *** ***** ***** '**********' *** ** ******** ** **** followed ***** ***** ********** **********? **** *** *** ******** ******* ****** than ****?

*** *** **** ***, ** **** **********, **** ******* ** its ************* ***** **** ******* ***** ** ******** *********** ****** in ***** *** *****. ** ***** ****?

Comments (7)

U1: I tell you what! All these shady Chinese crap companies.....

U2: They aren't Chinese bruh

U1: WHAT?

U2: They are American?

U1: (blank stare)

Did that make you feel better? ;)

Maybe this is an opportunity for an independent organization to create a rating system on the security of all web enabled cameras, NVR's, DVR's, access control, alarm systems, home automation......deep breath, commercial controls, wireless access point, switches and routers. Some sort of Penetration Test Rating that at the time of Manufacturing a random independent penetration test was conducted. Of course with all the zero-day exploits coming out all the time the rating could go up and down for model #'s.

The organizational model that comes to mind is the IP Code rating on outdoor rated technology. For example granted that IP66 is good enough for most outdoor installations, but if your national security or 100's of lives are at stake then you may want to use IP69. At least you know you did the best you could given whats available to you.

This would create a lot more clarity in the market especially sales people that are up against the out of the box camera system that can be streamed to a smartphone (Very impressive I know). Just ask these people "Does it concern you that there are self learning autonomous servers running 24/7 scanning for your public facing network weaknesses and exploiting them for no reason besides that's what they are programmed to do?" then they will ask for proof and well this is where a White Hat rating system would be a great to reference to cite.

Update: SIA has fixed their login page issue, Arecont still has not.

Update: Arecont Vision has now gone HTTPS site-wide, including the login page.

IPVM making industry manufacturers websites more secure, one HTTPS site at a time!

IPVM, the fly on the butt of the Old Dog known as the security industry.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on Guide

IP Camera Cable Labeling Guide on Sep 14, 2018
Labeling cables can save a lot of money and headaches. While it is easy to overlook, taking time to label runs during installation significantly...
VMS Export Shootout - Avigilon, Dahua, Exacq, Genetec, Hikvision, Milestone on Sep 13, 2018
When crimes, accidents or problems occur, exporting video from one's video surveillance system is critical to proving incidents. But who does it...
Door Fundamentals For Access Control Guide on Sep 12, 2018
Assuming every door can be secured with either a maglock or an electric strike can be a painful assumption in the field. While those items can be...
IP Camera Cable Termination Guide on Sep 06, 2018
Terminating cables properly is critical to network performance, but it can be a tricky task with multiple steps. Fortunately, this task is easy to...
IP Camera Cabling Installation Guide on Aug 29, 2018
IPVM is preparing the industry's first Video Surveillance Installation book and our upcoming Video Surveillance Installation Course. We have...
Inputs/Outputs For Video Surveillance Guide on Aug 24, 2018
While many cameras have Input/Output (I/O) ports, few are actually used and most designers do not even consider them. However, a good understanding...
France Political Scandal Reveals Video Surveillance Problems on Aug 22, 2018
In what French media describes as "the most damaging crisis yet for" French President Marcon, a political scandal has revealed major gaps in the...
SNMP / Network Monitoring For Surveillance 2018 on Aug 21, 2018
Surveillance systems typically rely on the the VMS to report issues, but this most often just means knowing a camera is "down" with no warning or...
Backup Power For Maglocks Guide on Aug 20, 2018
When the main power fails, many believe maglocks must leave doors unlocked. However, battery backed up maglocks are allowed according to IBC /...
Video Analytics Integration Guide on Aug 16, 2018
Video analytics is hot again (at least conceptually) but integrating video analytics with VMSes can be challenging. This is especially significant...

Most Recent Industry Reports

BluePoint Aims To Bring Life-Safety Mind-Set To Police Pull Stations on Sep 20, 2018
Fire alarm pull stations are commonplace but police ones are not. A self-funded startup, BluePoint Alert Solutions is aiming to make police pull...
SIA Plays Dumb On OEMs And Hikua Ban on Sep 20, 2018
OEMs widely pretend to be 'manufacturers', deceiving their customers and putting them at risk for cybersecurity attacks and, soon, violation of US...
Axis Vs. Hikvision IR PTZ Shootout on Sep 20, 2018
Hikvision has their high-end dual-sensor DarkfighterX. Axis has their high-end concealed IR Q6125-LE. Which is better? We bought both and tested...
Avigilon Announces AI-Powered H5 Camera Development on Sep 19, 2018
Avigilon will be showcasing "next-generation AI" at next week's ASIS GSX. In an atypical move, the company is not actually releasing these...
Favorite Request-to-Exit (RTE) Manufacturers 2018 on Sep 19, 2018
Request To Exit devices like motion sensors and lock releasing push-buttons are a part of almost every access install, but who makes the equipment...
25% China Tariffs Finalized For 2019, 10% Start Now, Includes Select Video Surveillance on Sep 18, 2018
A surprise move: In July, when the most recent tariff round was first announced, the tariffs were only scheduled for 10%. However, now, the US...
Central Stations Face Off Against NFPA On Fire Monitoring on Sep 18, 2018
Central stations are facing off against the NFPA over what they call anti-competitive language in NFPA 72, the standard that covers fire alarms....
Hikvision USA Starts Layoffs on Sep 18, 2018
Hikvision USA has started layoffs, just weeks after the US government ban was passed into law. Inside this note, we examine: The important...
Chinese Government Praises Hikvision For Following Xi Jinping on Sep 17, 2018
The Chinese government council responsible for managing China's state-owned companies praised Hikvision’s obedience to China’s authoritarian leader...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact