Genetec Comments on Washington DC MPD Hack

Author: Brian Karas, Published on Mar 13, 2017

This January, the Washington DC police video surveillance system was hacked with ransomware, impacting 123 of 187 cameras.

Last month, IPVM confirmed that the police system was using Genetec recorders, Axis cameras and Cradlepoint equipment.

Now, Genetec has responded to IPVM's request with a preliminary statement.

Genetec: No Fault In Omnicast

After conducting an initial investigation, Genetec offered the following statement to IPVM:

"To the best of our knowledge, no security vulnerability was discovered, nor exploited within our software or appliances."

They did point out that their investigation is not 100% complete, and that they will be sending a notification to customers running OmniCast 4.1 (the version used by the MPD) once they have all details of the breach.

No Omnicast Updates Planned

Genetec also confirmed that they do not intend to release any patches or updates to Omnicast 4.x as a result of this attack, or the investigations from it. Omnicast 4.x is still actively supported by Genetec, making the lack of patches/updates related to this issue further indication that Genetec believes their software to not be at fault in this breach.

Genetec Promotes Hardening

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

In a recent blog post, Genetec called attention to their Hardening Guide for 4.x, in particular advising users of Genetec SV-16 or SV-32 appliances: "to carefully review Section 4", which provides tips for securing Omnicast systems.

The key recommendations in this section are as follows:

  • Change the default username and password of any video units or encoders attached to your system
  • Set a password for the Genetec Admin user
  • In the case of a Federated Omnicast system, create a new user with limited rights and a password. This user should only be used to access the Federation service
  • Windows updates should be installed periodically. This will always insure a secure Omnicast environment
  • Change the password of the OmnicastSvcUsr
  • Set up a password for the Omnicast console

Failure Of Best Practices Most Likely Cause

Given Genetec's statements, no software update / fix, and their republishing of a 5 year old document, this implies the MPD incident was most likely avoidable, and the result of not following a basic set of best practices. Over the past several years Microsoft has introduced a number of security fixes for Windows for vulnerabilities related to common services like remote desktop, IIS, and SMB, if the recorders had not received updates to the Windows operating system they were likely vulnerable to several of attack methods.

Potential For Other Genetec Appliances To Be Hacked

While this ransomware attack may not have been specifically attributed to a flaw in the Omnicast software, it did occur to appliances built and sold by Genetec. Other SV-16 or SV-32 appliances that were shipped with the same Windows build, and not updated to Genetec's hardening guidelines are most likely susceptible to similar attacks. Users of these appliances should update them and ensure they are secured to Genetec's recommendations.

Call For Information On MPD Systems

We are still actively gathering information on the details of the MPD systems and attack methods. If you have information, you can email us anonymously at info@ipvm.com or use an anonymous email service, as always we keep the privacy of sources confidential.

3 reports cite this report:

Genetec CEO: You Cannot Buy Trust on Feb 14, 2018
Genetec's CEO, Pierre Racz, delivered a direct message at their channel partner conference: Racz has become a focal point in the industry debate...
Imperial Capital Security Investor Conference Review on Dec 08, 2017
Investment bank Imperial Capital holds an annual Security Investor Conference where 60+ companies present, including this year: IPVM bought a...
Manufacturers Cheer ISC West 2017 Performance on Apr 11, 2017
ISC West 2017 showed strong satisfaction results from manufacturers, similar to 2016's ISC West. 100 manufacturers rated their impressions of ISC...
Comments (21) : PRO Members only. Login. or Join.

Related Reports

BluePoint Aims To Bring Life-Safety Mind-Set To Police Pull Stations on Sep 20, 2018
Fire alarm pull stations are commonplace but police ones are not. A self-funded startup, BluePoint Alert Solutions is aiming to make police pull...
Congressional Letter Urges Sanctions Against Dahua and Hikvision For Human Rights Abuses on Sep 04, 2018
17 US Congresspeople sent a letter to the Secretary of State and Treasury urging sanctions against Chinese officials plus Dahua and Hikvision,...
Hikvision FIPS 140-2 Cybersecurity Certification Examined on Aug 27, 2018
A week after the US government passed a law banning Hikvision, Hikvision announced it had obtained a FIPS 140-2 certification from the US...
France Political Scandal Reveals Video Surveillance Problems on Aug 22, 2018
In what French media describes as "the most damaging crisis yet for" French President Marcon, a political scandal has revealed major gaps in the...
Sony Gen 5 IP Cameras Critical Vulnerabilities on Jul 26, 2018
Cybersecurity vulnerabilities remain prevalent in video surveillance devices. Now Talos researchers have discovered multiple vulnerabilities in...
Hikvision Wins Chinese Government Forced Facial Recognition Project Across 967 Mosques on Jul 16, 2018
Hikvision has won a Chinese government tender which requires that facial recognition cameras be set up at the entrance of every single mosque...
July 2018 IP Networking Course on Jul 12, 2018
Registration is closed. This is the only networking course designed specifically for video surveillance professionals.  Lots of network training...
Belgium Bans Private Facial Surveillance on Jul 06, 2018
Belgium has effectively banned the use of facial recognition and other biometrics-based video analytics in surveillance cameras for private,...
Hikvision Corrects False Cybersecurity Announcement on Jun 18, 2018
Hikvision has corrected a false cybersecurity announcement that claimed a British government-sponsored program endorsed the cybersecurity of...
The Dumb Ones: PSA's Bozeman On Cybersecurity on Jun 15, 2018
The smart ones are the hundred people who flew to Denver and spent $500+ on a 1.5-day conference featuring (now US government banned) Dahua as a...

Most Recent Industry Reports

Alexa Guard Expands Amazon's Security Offerings, Boosts ADT's Stock on Sep 21, 2018
Amazon is expanding their security offerings yet again, this time with Alexa Guard that delivers security audio analytics and a virtual "Fake...
UTC, Owner of Lenel, Acquires S2 on Sep 20, 2018
UTC now owns two of the biggest access control providers, one of integrator's most hated access control platforms, Lenel, and one of their...
BluePoint Aims To Bring Life-Safety Mind-Set To Police Pull Stations on Sep 20, 2018
Fire alarm pull stations are commonplace but police ones are not. A self-funded startup, BluePoint Alert Solutions is aiming to make police pull...
SIA Plays Dumb On OEMs And Hikua Ban on Sep 20, 2018
OEMs widely pretend to be 'manufacturers', deceiving their customers and putting them at risk for cybersecurity attacks and, soon, violation of US...
Axis Vs. Hikvision IR PTZ Shootout on Sep 20, 2018
Hikvision has their high-end dual-sensor DarkfighterX. Axis has their high-end concealed IR Q6125-LE. Which is better? We bought both and tested...
Avigilon Announces AI-Powered H5 Camera Development on Sep 19, 2018
Avigilon will be showcasing "next-generation AI" at next week's ASIS GSX. In an atypical move, the company is not actually releasing these...
Favorite Request-to-Exit (RTE) Manufacturers 2018 on Sep 19, 2018
Request To Exit devices like motion sensors and lock releasing push-buttons are a part of almost every access install, but who makes the equipment...
25% China Tariffs Finalized For 2019, 10% Start Now, Includes Select Video Surveillance on Sep 18, 2018
A surprise move: In July, when the most recent tariff round was first announced, the tariffs were only scheduled for 10%. However, now, the US...
Central Stations Face Off Against NFPA On Fire Monitoring on Sep 18, 2018
Central stations are facing off against the NFPA over what they call anti-competitive language in NFPA 72, the standard that covers fire alarms....
Hikvision USA Starts Layoffs on Sep 18, 2018
Hikvision USA has started layoffs, just weeks after the US government ban was passed into law. Inside this note, we examine: The important...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact