Stopping Surveillance 'Videojacking'

Author: John Honovich, Published on Feb 16, 2011

A rising fear among security professionals is that surveillance video can be 'hijacked' and put on the Internet, resulting in embarassment or worse for the organization involved. A number of people are calling for more sophisticated and secure techniques to protect surveillance video. Unfortunately, such techniques do little to address the real risk and key threats to surveillance video.

A good example of the common but faulty recommendations offered can be found in a Feb 2011 Retail Solutions Online article where end to end encryption from the camera through the monitoring client is advocated. While this is technically possible (in at least some systems) and may be important for proving the validity of evidence in court, it does little to address the threat of videojacking.

**** ** *** ****** **** *** *********** ** ******* ************* are ****** *** ****** ****** - ****** ******** ********* ** incident (*.*., ********** ****** *****) ** ** ******* *** ****** ** * ******** ******* surveillance ***** (*.*., *************** ******** ****). ****** ******* ** **** *** ***** *** ** ******* and ***** ************ *****.

****** *** * **** **** ********* ****** ******* ******* ************ video **** *******. **** ******, *****'* ** **** ** ** a ********** ****** ** ******* ****** ** ****** *** *****. Just ** ****** *** ******** ** *** ******** ********** ****** and ***** ****** ** **** *****. ** ********, ******* ************ systems ** * *** ** **** *** ********** ****** **** compared ** **** **** *** *** ****** ** * ********* network (*** *** ******/********** **** ******* ** ******* * ***** ****?).

** **** ****** ** ******, ** *** * *********** *******:

  • ********** ******** ****** **** ****** ****** ** ***** ***** ***** is ************
  • ********** ****** ******* ** ***** ************ *******

*** ***** ****** ** ********* *** ******** ****** *** *** in * ******* ******** ****. ** ****, *** ****** ******, controlling ****** ** ************ ******* ** ***. **** ***** ***** their ************ ********** ******** ** *** ***. ***** **** ********* convenience *** ** ***** ********* ** *** ****** ******* **** in ** ****'* ********* ** * ********, ************ ****** ***** that ******* **** * ***** *** ******* ************ ***** ** a ******. 

******* ** ******** ****** ******* ******** *** ****** ** ********* to ****** ******** ***** *** ************* ****** *** ***** ***** inactivity. ******* ********* *** **** *****, ** ************, *** ***** users ***** ****** ********/********* ('*****' *** '*****' ** '*****' ** 'admin'). **** ***** ******** ********* ********* ***** ********** *** ****** that ******** ****** ****** *** ******.

******* ** ****** ******, ******** ************ **** *** ** ****. The **** ********* *** ** ****** **** ** ******* ******** access ******* ** *****, *** **********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Bosch G-Series Intrusion Tested on Jul 26, 2017
Bosch is one of the biggest names in intrusion, and the company's G-Series panels are their most advanced commercial and high-security panels. But...
Dahua Suffers Second Major Vulnerability, Silent [Finally Acknowledges] on Jul 25, 2017
Less than 3 months ago, Dahua received DHS ICS-CERT's worst score of 10.0 for their backdoor. Now, Dahua has received another 10.0 score for a new...
Wireless Burglar Alarm Sensors Guide on Jul 21, 2017
Wireless sensors for burglar alarm sensors are an increasingly common option for the historical labor intensive wired alarm systems. However,...
PR Campaign Exploiting Manufacturer Cybersecurity on Jul 20, 2017
Manufacturers increasingly have a bulls-eye on their back. As cyber security solutions providers grow, they realize a great way to get publicity...
Hikvision USA Head of Cybersecurity Exits on Jul 18, 2017
Hikvision USA's Head of Cybersecurity has exited the company. In this note, we review the move, share Hikvision's feedback and examine the...
Alarm.com Tested on Jul 13, 2017
Alarm.com has become the dominant force in smart home / remote service platform, with ~70% market share, combining their own traditional offering...
Genetec Mission Control Tested on Jul 13, 2017
Genetec continues to move up market with their Mission Control, "Decision Support System", bringing PSIM-like procedures and incident management to...
Wrongly Accused Critical Vulnerability for Vivotek on Jul 13, 2017
Vulnerabilities are an increasing branding and business problem for video surveillance manufacturers. However, sometimes vulnerabilities reported...
ONVIF Chairman Criticizes Low Cost Cameras (Also, He Works At Axis) on Jul 12, 2017
ONVIF Chairman Per Björkdahl has taken a strong public stance against low cost cameras that are 'much more vulnerable to attack' as he explains in...
Smoke Detectors Guide on Jul 06, 2017
Smoke detectors and carbon monoxide detectors add a life-safety component to burglar alarm systems. As intrusion detection sensors are used to...

Most Recent Industry Reports

$28M Drone Detection Startup Examined (Dedrone) on Jul 25, 2017
Dedrone has received ~$28M in funding to build what they call an "automatic anti-drone solution", a system to detect drones, and then automatically...
Dahua Suffers Second Major Vulnerability, Silent on Jul 25, 2017
Less than 3 months ago, Dahua received DHS ICS-CERT's worst score of 10.0 for their backdoor. Now, Dahua has received another 10.0 score for a new...
Hikvision H.265+ Bullet Tested (2035) on Jul 24, 2017
Continuing our tests of Hikvision's new low cost Value Plus line, we bought and tested the 3MP DS-2CD2035FWD-I, now including H.265+. We shot the...
Sports Stadium Security Design Recommendations on Jul 24, 2017
Sports stadiums pose many challenges for designing security systems. The facilities vary from being mostly vacant, to packed with tens of thousands...
Competing Against Convergint on Jul 24, 2017
No integrator is more aggressively expanding than Convergint Technologies. Owned and funded by private equity firm KRG, Convergint has acquired...
Security Robots Are Just Entertainment on Jul 21, 2017
Great entertainment, no real security value.  That is the happy (or sad) state of security robots in 2017. Knightscope robot's drowning, the...
Wireless Burglar Alarm Sensors Guide on Jul 21, 2017
Wireless sensors for burglar alarm sensors are an increasingly common option for the historical labor intensive wired alarm systems. However,...
Competing Against ADT on Jul 20, 2017
ADT is one of the biggest players in the security industry, with ~$4 billion revenue. In 2017, they were acquired / merged with Protection...
Hikvision Launching Deep Learning Recorders on Jul 20, 2017
Hikvision has become a common choice for super low cost NVRs. Now, Hikvision is aiming to move up market, with deep learning NVRs that claim far...
PR Campaign Exploiting Manufacturer Cybersecurity on Jul 20, 2017
Manufacturers increasingly have a bulls-eye on their back. As cyber security solutions providers grow, they realize a great way to get publicity...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact