11 Sep 2015

The availability of IP network based video surveillance systems has transformed the way businesses are able to make the best use of resources to ensure that their assets are protected and that staff can work in a safe and secure environment.

A key feature of Video over IP technology is the ability to control cameras and view live or recorded images from anywhere on the network. This means that a security manager can be based anywhere in the world and yet have immediate access to very high resolution images to allow them to analyse any incident and if appropriate, pass the evidence onto the police for prosecution purposes.

Vulnerable

With high definition IP network cameras and domes increasingly being utilised by companies in order to capture evidence grade images of activity at their head offices and branches, there is the potential for would be fraudsters to gain access to valuable and confidential information.

Deployment of external IP cameras requires the provision of an external network connection to the IP camera device and these external connections could be subject to malicious tampering to gain access to a company’s internal network. Although much can be done to secure and isolate network connections with a fully-managed network switch, and even deploying an entirely separate network for the surveillance system, there are still risks associated with these approaches.

These concerns are particularly relevant where it might theoretically be possible to disconnect an externally-mounted IP camera, access the network through this connection, and potentially detect and disable the other cameras and/or the network video recorder itself. If the surveillance network is bridged to, or part of, the main network, it might even potentially be possible for a well-prepared, highly-skilled attacker to access or otherwise disrupt other systems on that network.

Technology to the rescue

Fortunately there is now a solution available that stops dead any attempt by those with criminal intent, to hack into a network via an IP network based video surveillance system.

Manufactured by UK based Veracity and available exclusively via Samsung Techwin Europe, a unique and ground breaking technology solution called LINKLOCK™ provides a total barrier to all unauthorised network access by fully blocking connections to any cable or equipment that has been tampered with or disconnected. It works by completely disconnecting data and power from the coaxial cable link, providing complete isolation of the affected link. This makes it an ideal protection measure for security-critical installations, such as at banks, where network cabling or video surveillance equipment might be located externally in order to detect, monitor and record evidence of criminal activity including vandalism, ATM skimming and armed robbery, as well as to remotely monitor premises out of business hours.

How?

LINKLOCK™, which is available as an option on Veracity’s HIGHWIRE Powerstar range of Ethernet and POE over coax adaptors, can be used with any make, model or type of IP camera.

On a standard video surveillance system, having a secure or encrypted link over the coax alone does not prevent intrusion as the Ethernet link to the camera would still be open and unsecured. The HIGHWIRE coaxial connection uses a secure proprietary baseband protocol which is point-to-point only. POE over coax powers the HIGHWIRE adaptor at the camera end and the camera itself. However, any attempts to “tap into” or disconnect the coax or network connections is detected by the LINKLOCK base unit which immediately disables POE and data. As result, all external equipment is immediately and completely isolated from the internal LAN.

Added security

The LINKLOCK blocking mode cannot be reversed through the external network or coaxial interface.

To return to normal operation, the HIGHWIRE LINKLOCK base unit inside the building must be physically reset by a contact closure switch across screw terminals on the unit itself.

This protection does not depend on the IP camera being powered by PoE. If powered by a local power supply, the IP camera will still operate when the LINKLOCK blocking mode is triggered, but there will be no communication whatsoever through the coaxial cable. The blocking mode will still work even if a camera is externally powered by an attacker before they attempt to tamper. This is because the Ethernet signal or the HIGHWIRE coax signal must still be physically re-connected or “tapped into” to connect a third party (attacker) device. This will be detected as normal and will trigger the blocking mode.

Effective solution

With several high profile cases recently in the news, LINKLOCK provides an easy to implement and effective solution for businesses (and particularly those who have a duty of care to protect data), that wish to capitalise on the benefits of a Video over IP system without creating an opportunity for criminals to hack into the network.