What integrators large and small need to know about APTs

An IP camera at a convenience store could be a gateway to a larger target
Monday, February 3, 2014

DELRAY BEACH, Fla.—An outdoor IP camera may not be the easiest or most obvious entry point for a global cyber gang trying to hack into a corporation, but it certainly could be—and systems integrators, security directors and manufacturers all have a role to play in ensuring that physical security systems are not vulnerable to hacks, according to experts who spoke at TechSec Solutions on Jan. 29.

Jeremy Brecher, VP technology, electronic security, Diebold, moderated an educational session called, “Is your security system the most vulnerable point on your network?” The panel included the CTO of another national integrator, Chris Peckham of KRATOS PSS; a chief security officer, Adam Williams of Diebold; and an information security analyst for a national insurance company, Anthony Flower of Progressive Insurance.

Williams shared a Techopedia.com definition of an Advanced Persistent Threat attack. APT attacks are “cyber attacks launched by an attacker with substantial means, organization and motivation to carry out a sustained assault against a target. An APT is advanced in the sense that it employs stealth and multiple attack methods to compromise the target, which is often a high-value corporate or government resource. … They often use customized tools and intrusion techniques,” he said.

From the logical security perspective, Flower said: “They do not defeat our security; they find ways around it.”

The ultimate target may be a corporation or critical infrastructure, while the preliminary target could be an IP camera at a convenience store, Brecher said.

And that IP camera doesn't have to be streaming to the cloud. “Anything can be a target on the way to the larger goal,” Brecher said. “[There’s] no requirement for anything cloud, this could be a standard on-premise IP camera, recorder, intercom, access or any other system.”

“APTs are real, they’re no joke,” Brecher said. “In this session we want to look at the realities as they apply to [physical] security systems.”

Peckham said APT attacks reinforce the need for a “good partnership between physical and logical security at companies.”

He said integrators need to think about default passwords on cameras and ensure that software updates occur; that data is encrypted; that authentication tools such as 802.1X are used; and that the cloud provider has strong protections in place.

As an integrator, “just because you installed an access control system five years ago, doesn’t mean you’re done,” Peckham said.

Also, he added, “best practices are key.” He said it’s important that they be used by everyone, from the manufacturer and the integrator’s salespeople to the installing technicians, and by end users and integrators as they maintain security systems.