AMID the ongoing US-Israel war on Iran, a warning was issued in Thailand about unsecured CCTV systems as the Israeli intelligence had access to almost all of Tehran’s traffic camera networks for years and thus were able to create a “pattern of life” of both the Iranian Supreme Leader Ayatollah Ali Khamenei and his security team, ultimately leading to airstrikes that led to his death.
AVM Amorn Chomchoey, secretary-general of the National Cyber Security Agency (NCSA), said in a Facebook post the convenience of connectivity via Internet of Things (IoT) often comes with a lot of risk especially cyberspying.
If organisations want to prevent their CCTV systems or infrastructure from becoming spies for opponents, they should consider implementing the following steps:
1/ Network security:
– Air-Gapping: Highly sensitive systems (such as those in government buildings or military camps) should not be connected to the public internet;
– VLAN Segmentation: Separate the CCTV network from the office network to block hackers who access employee computers to reach the camera system;
– VPN & Encryption: If online viewing is necessary, it must be through a VPN with advanced encryption and data encryption for both transmission and storage.
2/ Device management:
– Hardening: Disable unnecessary camera features, such as access via external web browsers or unused communication ports;
– Change passwords immediately: Do not use default passwords and enforce the use of complex passwords periodically;
– Firmware Update: Regularly update the firmware to head off zero-day attacks by hackers.
3/ Proactive monitoring:
– Intrusion Detection System (IDS): Install an intrusion detection system to alert officials of unusual login attempts or suspicious data exfiltration;
– Zero Trust Architecture: Implement the principle of “not trusting anyone,” even internal staff. Multiple-factor authentication (MFA) is required before accessing the control system.
4/ Supply chain risk management:
– Verify the origin of the equipment: Choose cameras from reliable manufacturers with no history of embedding “backdoors” for sending data back to the country of manufacture;
– Physical Security: Prevent direct access to the camera or signal cables, as hackers may plug data-intercepting devices into the equipment.
In the case of Iran, the alarming aspect is the accumulation of data over years to learn “behaviour” (patterns of life). Therefore, the best defence is to disrupt these patterns, such as changing travel routes or using signal jamming systems in sensitive areas, Amorn said.
CAPTIONS:
Surveillance cameras. Above photo by Korhan Eser, Front Page photo Victor Maina, both via Unsplash
Insert – AVM Amorn Chomchoey. Photo – NCSA
Also read:
100 party-listed, designate-MPs initially verified
No old-timer politicians welcome in Bhumjaithai-led cabinet
No Klatham MPs to vote Anutin for PM unless brought into Bhumjaithai-led coalition
People’s to file duty-negligence, misconduct lawsuit against Election Commission
Bhumjaithai-led coalition finally opts to do without Klatham, Democrats
Public urged to not hoard fuel with diesel price fixed for 15 days
War jitters lead to rush to fill up and stockpile fuel in Chiang Rai, Nakhon Sawan
As Mideast conflict widens, US says attacks on Iran will last weeks and intensify
