Even with the most ‘click baity’ title- we couldn’t be more serious about home security.
With the proliferation of IOT (Internet of Things), connected all the time devices like security systems make great targets for hackers. Just looking around today’s internet connected home you’ll find a plethora of always on, internet connected devices usually configured to be accessible outside of your home. Here’s a brief list of some common home security devices that require outside access.
- Security Cameras
- Network Video Recorders
- Baby Monitors
- Wireless Thermometers
- Wireless alarm PIR’s
- Wireless Door sensors
- Other Home Automation devices
All of these devices essentially listen for your incoming connection in order to provide you with the data you need. Whether it be serving you live images of your security cameras or downloading a file from your router’s inbuilt NAS file server system. Our purpose is to not only make you aware that these services are running but to provide some simple, easy to implement steps to limit and secure the outbound connections these devices make. Some of these do not even have to be on!
Security cameras are especially being targetted more and more. At time of writting, Hikvision devices with remote network access enabled running older firmware (via DDNS, public IPs, etc.) have experienced wide spread hacking over the past month locking out users using default usernames and passwords.
While this was fixed rather quickly- you can never be fast enough when it comes to security.
Security Cameras & Network Video Recorders
Firstly, if you’re using a Hikvision system- you’re in luck. Hikvision have recently gone live with their new Hik-Connect App, essentially a P2P type connection. This alleviates the biggest concerns with nearly all of today’s live security and playback viewers that require 24/7 internet access. You’ll no longer have to manually forward ports and use third party DDNS providers. Our full setup instructions can be found here. While most P2P connections from untrustworthy vendors are to be avoided- you can trust Hikvision.
What if you run another branded system? can you benefit from a similar application that replicates Hikvisions own? Well, yes, and no. While Hik-connect only works for Hikvision IP Cameras and NVR’s, you’ll need to tinker if you’d like the same security enhancement for your own system. To do this we need to setup a Virtual LAN or VLAN. Whilst this can seem complicated, and it is, the end result is much-improved security and stability. Setting up your own VLAN is only really recommended for the networking expert as it requires technical knowledge of both the software and hardware. Contact us if you’d like a quote on a professional installation by a Network Security Expert.
Other steps to greatly improve security are changing the default username and password to something difficult to guess and preferably greater than 16 characters if allowed. Always update your camera and NVR’s firmware as these newer updates can contain security improvements.
Most modems and routers come with handy file serving features built in. Whilst handy for the average home user, they are a very real security concern. Just as with your home security system, these features are always on, listening for incoming connection. This is an easy one to fix. Simply login to your device and disable those services that are usually on by default like Global File Sharing and Print Serving from outside your home network. Easy! As with your security system, always update your password to somthing long and upgrade your devices firmware as they often contain security enhancements and features.
As a new parent myself, being able to instantly check how my little one is doing is fantastic, although unnecessary. Our baby monitor comes with a very suspect, unsigned application that runs on my PC. It essentially connects to my PC to forward video of the camera connected to my network. Simply do not trust these. These applications are almost never updated and almost always poorly secured. Disable any online features unless really needed.
How to check if I’m OK
If you’ve taken the above steps it’s now time to test and see exactly what devices are still open to the world on your network. To do this we use the free and fantastic online tool called Internet of Things Scanner by Bullguard . Simply visit the site, run a scan and it will find any open connections, fast, easily and free. Now that you’ve tightened you IOT Security rest a little easier knowing your online device aren’t available for the world to see.