Genetec Comments on Washington DC MPD Hack

Author: Brian Karas, Published on Mar 13, 2017

This January, the Washington DC police video surveillance system was hacked with ransomware, impacting 123 of 187 cameras.

Last month, IPVM confirmed that the police system was using Genetec recorders, Axis cameras and Cradlepoint equipment.

Now, Genetec has responded to IPVM's request with a preliminary statement.

Genetec: No Fault In Omnicast

After conducting an initial investigation, Genetec offered the following statement to IPVM:

"To the best of our knowledge, no security vulnerability was discovered, nor exploited within our software or appliances."

They did point out that their investigation is not 100% complete, and that they will be sending a notification to customers running OmniCast 4.1 (the version used by the MPD) once they have all details of the breach.

No Omnicast Updates Planned

Genetec also confirmed that they do not intend to release any patches or updates to Omnicast 4.x as a result of this attack, or the investigations from it. Omnicast 4.x is still actively supported by Genetec, making the lack of patches/updates related to this issue further indication that Genetec believes their software to not be at fault in this breach.

Genetec Promotes Hardening

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

In a recent blog post, Genetec called attention to their Hardening Guide for 4.x, in particular advising users of Genetec SV-16 or SV-32 appliances: "to carefully review Section 4", which provides tips for securing Omnicast systems.

The key recommendations in this section are as follows:

  • Change the default username and password of any video units or encoders attached to your system
  • Set a password for the Genetec Admin user
  • In the case of a Federated Omnicast system, create a new user with limited rights and a password. This user should only be used to access the Federation service
  • Windows updates should be installed periodically. This will always insure a secure Omnicast environment
  • Change the password of the OmnicastSvcUsr
  • Set up a password for the Omnicast console

Failure Of Best Practices Most Likely Cause

Given Genetec's statements, no software update / fix, and their republishing of a 5 year old document, this implies the MPD incident was most likely avoidable, and the result of not following a basic set of best practices. Over the past several years Microsoft has introduced a number of security fixes for Windows for vulnerabilities related to common services like remote desktop, IIS, and SMB, if the recorders had not received updates to the Windows operating system they were likely vulnerable to several of attack methods.

Potential For Other Genetec Appliances To Be Hacked

While this ransomware attack may not have been specifically attributed to a flaw in the Omnicast software, it did occur to appliances built and sold by Genetec. Other SV-16 or SV-32 appliances that were shipped with the same Windows build, and not updated to Genetec's hardening guidelines are most likely susceptible to similar attacks. Users of these appliances should update them and ensure they are secured to Genetec's recommendations.

Call For Information On MPD Systems

We are still actively gathering information on the details of the MPD systems and attack methods. If you have information, you can email us anonymously at info@ipvm.com or use an anonymous email service, as always we keep the privacy of sources confidential.

3 reports cite this report:

Genetec CEO: You Cannot Buy Trust on Feb 14, 2018
Genetec's CEO, Pierre Racz, delivered a direct message at their channel partner conference: Racz has become a focal point in the industry debate...
Imperial Capital Security Investor Conference Review on Dec 08, 2017
Investment bank Imperial Capital holds an annual Security Investor Conference where 60+ companies present, including this year: IPVM bought a...
Manufacturers Cheer ISC West 2017 Performance on Apr 11, 2017
ISC West 2017 showed strong satisfaction results from manufacturers, similar to 2016's ISC West. 100 manufacturers rated their impressions of ISC...
Comments (21) : PRO Members only. Login. or Join.

Related Reports

Pressure Mounts Against Dahua and Hikvision Xinjiang Business on Nov 19, 2018
Pressure is mounting against Hikvision, Dahua, and other companies operating in Xinjiang as an international outcry brews against the Chinese...
Winter 2019 IP Networking Course on Nov 05, 2018
This is the only networking course designed specifically for video surveillance professionals.  Lots of network training exists but none of it...
HID: Stop Selling Cracked 125 kHz Credentials on Nov 05, 2018
HID should stop selling cracked 125 kHz access control credentials, that have been long cracked and can easily be copied by cheap cloners sold on...
Directory of Access Control and Intrusion Startups on Oct 30, 2018
This directory catalogs access control and intrusion detection startups IPVM has found noteworthy. The directory is provided for your review to...
"New Zealand Govt Uses Chinese Cameras Banned In US", Considers Security Audit on Oct 12, 2018
Newsroom NZ has issued a report: "NZ Govt uses Chinese cameras banned in US": This comes after the US federal government banned purchases of...
IACP 2018 Police Show Final Report on Oct 08, 2018
IPVM went to Orlando to cover the 2018 IACP conference, the country's largest police show (about as big as ASIS), examining the 700+...
China Hacks Video Servers Causing Uproar on Oct 05, 2018
An incident causing an international uproar is hitting home in the video surveillance industry as a Bloomberg report, "The Big Hack: How China...
Evidence Of Hikvision's Involvement With Xinjiang IJOP And Re-Education Camps on Oct 02, 2018
IPVM reveals as-yet unreported details about Hikvision’s activities in Xinjiang - a region of China where massive human rights abuses are being...
Genetec Takes Aim At 'Untrustworthy' 'Foreign Government-Owned Vendors' on Sep 24, 2018
Genetec is taking aim at 'untrustworthy' 'foreign government-owned vendors'. This is not a new theme for Genetec as nearly 2 years ago, Genetec...
BluePoint Aims To Bring Life-Safety Mind-Set To Police Pull Stations on Sep 20, 2018
Fire alarm pull stations are commonplace but police ones are not. A self-funded startup, BluePoint Alert Solutions is aiming to make police pull...

Most Recent Industry Reports

Milestone Disrupts Milestone With Arcules on Nov 19, 2018
Milestone is now competing against... Milestone's own spinout Arcules New IPVM testing shows that Arcules has incorporated a substantial amount of...
Pressure Mounts Against Dahua and Hikvision Xinjiang Business on Nov 19, 2018
Pressure is mounting against Hikvision, Dahua, and other companies operating in Xinjiang as an international outcry brews against the Chinese...
Arcules Cloud VMS Tested on Nov 19, 2018
Arcules is a big bet, or as they describe themselves a 'bold company', spun out and backed by Milestone and Canon.  But how good is Arcules cloud...
'Sticker' Surveillance Camera Developed (CSEM Witness) on Nov 16, 2018
The Swiss Center for Electronics and Microtechnology (CSEM) has announced what it calls the: world’s first fully autonomous camera that can be...
ISC East 2018 Mini-Show Final Report on Nov 16, 2018
This is our second (updated) and final show report from ISC East. ISC East, by its own admission, is not a national or international show, billed...
Facial Detection Tested on Nov 16, 2018
Facial detection and recognition are increasingly offered by video surveillance manufacturers. Facial detection detects faces in an image/video...
Throughtek P2P/Cloud Solution Profile on Nov 15, 2018
Many IoT manufacturers either do not have the capabilities or the interest to develop their own cloud management software for their devices....
ASIS Offering Custom Research For Manufacturers on Nov 15, 2018
Manufacturers often want to know what industry people think about trends and, in particular, the segments and product they offer.  ASIS and its...
Hikvision Silent on "Bad Architectural Practices" Cybersecurity Report on Nov 14, 2018
A 'significant vulnerability was found in Hikvision cameras' by VDOO, a startup cybersecurity specialist. Hikvision has fixed the specific...
French Government Threatens School with $1.7M Fine For “Excessive Video Surveillance” on Nov 14, 2018
The French government has notified a high-profile Paris coding academy that it risks a fine of up to 1.5 million euros (about $1.7m) if it...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact