Protecting surveillance cameras and smart doorbells from intruders | Kaspersky official blog
Credit to Author: Stan Kaminsky| Date: Tue, 05 Mar 2024 13:45:45 +0000
Recently, the Edina Police Department (Minneapolis, U.S.A.) issued a remarkable warning to residents. Following the investigation of nine apartment burglaries, the police concluded that thieves were disrupting the Wi-Fi connection in the apartments. They did this to prevent the home’s smart surveillance cameras from alerting the owners of the danger and transmitting video to them. Is such a technologically advanced burglary really possible? It is. Are there other ways to attack smart-home security systems? Definitely. What can be done about it? Great question. Let’s find out!…
Defenseless defenders
Protection devices — whether they be locks, cameras, alarms, or anything else — should, in theory, be completely secure against any kind of hostile action. After all, they could be deliberately targeted by attackers hoping to break in! Unfortunately, in practice, manufacturers are not always prudent. They make various mistakes: in smart locks, the mechanical part is often not made reliable enough; in cameras, video streams are transmitted openly, allowing unauthorized persons to view or even interfere with them; and in alarms, control channels are poorly protected. This is in addition to other smart-home vulnerabilities that we’ve written about before.
What’s even more worrying is that many of these devices are vulnerable to two really simple attacks: power disruption and communication disruption.
Home Wi-Fi can be disrupted in various ways — from crudely jamming the entire radio-wave frequency range to more specialized attacks on a specific network or Wi-Fi client. There are other ways besides messing with radio waves, too. The internet in a home is usually connected through one of four easily recognizable cables: fiber optic, telephone, twisted pair (Ethernet), or coaxial television. One can reliably disrupt the connection simply by cutting these cables.
In case the entire security system relies on the power grid without backup sources, simply cutting off the power to the apartment can easily knock out the smart protection.
Improving protection performance
Most of the problems described above can be dealt with. As with any security measures, none of the solutions below guarantees 100% protection, but they will significantly reduce the likelihood of a burglary.
Choose the right equipment. All of the issues mentioned above should be considered before purchasing any security systems. This way, you can formulate additional requirements for the equipment:
- an autonomous power supply
- the ability to transmit information without Wi-Fi
- an adequate level of mechanical protection
- the manufacturer’s compliance with high cybersecurity standards
The first two requirements are perfectly combined in cameras that operate using Power over Ethernet (PoE) technology. Both data and power are transmitted through a single cable. You just need to buy either a PoE-enabled Ethernet router/hub or a separate PoE converter and connect it to the power grid using an uninterruptible power supply (UPS). This will make the internet in the home, the functionality of the cameras and sensors, and their connection to the router resistant to power outages and Wi-Fi interference.
If it’s not suitable for you to have Ethernet cables running through your home, you could consider cameras with an autonomous power supply (batteries) or, at worst, cameras connected through a capacious power bank. This would protect against power outages, but the problem of attackers interfering with Wi-Fi would remain. To protect against this, you could choose devices that operate on 3G/4G/5G. It’s worth noting that they’re usually designed for houses rather than apartments, so they often have “outdoor” features: waterproof casing, long-range IR illumination, and so on.
Many cameras have the ability to record to an SD card, but this doesn’t help much in quickly responding to an incident.
A sufficient level of mechanical security is mainly important for locks, but it’s also relevant for cameras, doorbells and sensors, which are directly accessible to intruders. The level of security is difficult to assess before purchasing, but you can search the internet for tests for burglary and vandalism resistance, as well as customer reviews.
Assessing the cybersecurity level of a specific camera or doorbell is also not easy: you’d have to carefully study the manufacturer’s website and its reputation in terms of technical support and release of updates. We’ve given some useful tips on this topic before.
Implement “redundancy”. Even if you’ve already bought some equipment, some additional measures would help improve home security. It’s highly advisable to provide redundancy for the internet channel. Depending on the situation, the backup channel could be launched either through a 4G modem or using a second wired connection and a second router. The main difficulty is configuring the router and the rest of the equipment so that the connection automatically switches to the backup channel when the main one goes down. In some routers this isn’t difficult — the function is called backup channel — while in others it’s impossible. Of course, both routers (if there are two of them) would need power through a UPS. If you don’t already have uninterrupted power, it’s time to get some.
If it’s difficult to provide redundancy for the internet channel and automatic switching at the router level, as a relatively simple alternative, you could install a redundant camera: one would operate through the main internet channel, while the other — through the backup one.
Protect against cyberattacks. To hinder targeted attacks on security devices, it’s important to follow the main rules of cybersecurity, which we’ve written about many times: protect your router, choose strong Wi-Fi passwords, regularly update the firmware of smart devices and the router, and use a comprehensive security solution for all computers, smartphones, and smart devices in your home network.