Do not leave your DVR vulnerable to hacking over the internet or by staff by not removing default administrator passwords.
It might sound obvious but you would be amazed how many businesses leave their whole CCTV vulnerable to hacking by not changing the manufacture passwords. It does happen! Any savvy person with basic PC knowledge can find a way to overcome your CCTV security if they have access to your network and the default passwords have not been removed. They could be staff, competitors or malicious hackers. A DVR is generally directly accessible from the web if the IP address of the internet connection is known. This means that if someone, wishing to hack into your CCTV system, who knows the IP address can get right to the user name and password sign in page of your DVR. This is not a big problem if you have set a unique user name and password and removed all the default ones that come with the DVR when it is delivered. The cleverest user name and the trickiest password are just ignored and the default admin and 1234(or similar default password) are used. Hackers, who get to the log on page, can often identify who the manufacturer is – based on the welcome page. All they need to do is to go to the relevant manufacturer web site and download the user manual, which list the default passwords. Armed with the default passwords, Hackers can then take control to stop recording, erase files and reset any log files so you wonÃ¢â‚¬â„¢t even know they have been there. In one foul stroke hackers can defeat everything that you were trying to achieve with CCTV. You should ask your CCTV installer to remove the default passwords and if necessary set up a service password so that he or she can access remotely to assist etc., without you having to reveal your password. If you have a dedicated internet connection for your CCTV and the IP address is not broadcast you are of course less vulnerable to such an attack. However, many medium size businesses share the same connection for CCTV as their WiFi internet connection meaning that bad people with very little specialist knowledge can sniff your IP address and get to your DVR. So what should you do to limit the risk:
- Set a secure user name and password – as complicated as you can manage and never adminuser password
- Remove or have removed (we can help) all factory default passwords and keep a list of who has knowledge of which password.
- Create a separate service user name so that you do not ever need to reveal your password.
- If the feature is enabled on your DVR, set up different permissions for various types of users (Staff, Managers etc.)
- If the DVR connection is shared with a WiFi router turn off the SSID function unless it is really required.
- Monitor your recordings for unexplained interruptions and empty log files
- Be vigilant.
For more advice on CCTV security or indeed any advice regarding safeguarding your system or upcoming project feel free to contact Kilian, Eoin or Serge at CCTV Camera London0870 770 5077 or [email protected]