What you don't know about IP Security Cameras can hurt you

Posted by on 7/6/2018 to Security Tips
What you don't know about IP Security Cameras can hurt you
Cloud-based security camera

Security cameras are not, and have never been created equal. Just like retailers or installers that participate in sales or installations of security cameras are not equal either. Security cameras are designed to help you secure your home or business, and provide you with evidence of what happened at your property. However, when implemented incorrectly, these camera systems often don't provide you with the features or benefits that you need or even worse can compromise your security and privacy. It is extremely important that you select a company that understands all of the facets of not only security cameras but digital security and privacy in general to help implement your new security camera system. Failure to do so will hurt you over the long run.

The differences in security cameras will affect your personal security

Security cameras are a wide-ranging technology, spanning from single camera cloud-type recording systems to professional HD IP cameras with NVR recorders. It is important to understand the benefits and limitations of technology prior to selecting a system for your needs. In many cases, manufacturers have tried to make cameras easier to self-install by relying on P2P (Peer to Peer) technology or Cloud-based recording or connection. There are some flaws with this style of camera that should make you think twice before inviting the technology into your home or business. This is not a new concept, simply do some research on IoT (Internet of Things) and you will see that these types of devices (DVRs, NVRs and IP cameras) are often hacked and used against the owner, or even in some cases against major internet servers and hubs.

P2P Cameras

P2P (Peer to Peer) cameras are a specific subset of security camera technology that includes some cameras and some DVRs or NVRs. With P2P technology, the device (DVR, NVR or camera) sits on your internet connection and connects out to a 3rd party server. When you attempt to connect to your camera(s), your phone connects to that 3rd party server as well, and then accesses your camera through a handshake involving the serial number of your device and password.

P2P security cameras and systems can be dangerous

This P2P tech was created by developers to help solve a problem with traditional camera systems, where a knowledgable technician would have to assist you in getting your camera systems online. In traditional DVR and NVR camera systems, when you connect to your cameras, you would connect directly to your own system over the internet. This would often require configuration of your internet connection to allow these inbound connections. Because this was difficult for some people to accomplish, manufacturers started working on easier ways to connect that would require less configuration. P2P technology was developed, which would rquire users to connect through an outside server maintained to initiate connections. When your camera or NVR is placed onto your internet connection, it immediately and constantly initiates outbound connections to this 3rd party server (often located in China, Russia or other countries where it is cheaper to operate server-farms). When your device connects, because it is already on your network, it bypasses the built-in security of your router or firewall. This is because all of the requests are outbound requests, much like your browser trying to open a web page and getting a response. When you try to connect from your phone or computer, it sends a similar request directly out to the 3rd party server, looking for a specific serial number device and authenticating often with an insecure password. The server will then tell your phone that it currently has a connection with your device, and will connect the 2 devices together.

Big win for ease of use, but because you are bypassing the security of your network firewall and router, this is a nightmare for your IT department and network security in general. Since your device is always connecting out to the internet, and all devices of the same kind are connecting to the same server, often in an insecure fashion, this allows hackers or sometimes even people with access to widely available internet tools to potentially connect to your device. Once even a single one of the same brand and/or model of camera is hacked, people with good knowledge of internet security can hack most of the rest of that device that is on the internet, simply by incrementing the serial numbers.

This information alone should make you pause and think again. However, what can be done once the device is accessed is the part that should make your skin crawl. P2P devices these days are like miniature computers that are sitting inside your 'protected' network. Often when discussing these types of devices with clients, I a, told "I'm not worried, because I don't have cameras INSIDE my office or home". Great, because once infected or compromised, these security cameras or recorders offer free access to your video streams to the attacker, so having indoor cameras that are infected would become creepy even. However, this is just scratching the surface of what can happen once your camera is infected. Because these devices are small programmable computers, the hackers can potentially reprogram the device and force it to listen to traffic on your network, grabbing banking information, credit card information, passwords and more to report the info back to the hacker that compromised it. Infected devices also often become a part of a 'zombie botnet' that can then initiate DDOS attacks onto servers, websites or any target that a hacker wants to try to take down.

Cloud Cameras & Systems

Related to P2P, but not exactly the same are cloud based cameras and systems. These systems generally consist of just 1 or 2 cameras with no centralized NVR or DVR recorder. A recorder is not required, because these cameras are designed to stream video directly over the internet to a 3rd party server. Sound familiar? Well it sort of is. These cameras also bypass your network's built-in security but this time, instead of just contacting a server to see if there are inbound connections, these cameras are streaming your video to this cloud, either constantly or based on motion (depends on camera and configuration).

Bandwidth and video quality can be problematic with Cloud cameras

Cloud recording, on the surface seems like a great benefit: All of your video is stored in the 'cloud' so that you can access it from anywhere and no-one can steal the video. However, the technical limitations of this merit a closer look before deciding on cloud-based architecture.

The lowest HD quality cameras are 1080P (2.0 MegaPixel) resolution these days. The bitrate of a video determines the quality of the video after compression. The bitrate is arguably even more important than resolution when it comes to video quality, as a low bitrate video will appear "blocky" when objects are moving on the screen even when the resolution is HD, while a high bitrate video will appear clear even when objects are moving fast. Standard Bitrates for 1080P resolution video range from 1.0 Mbps to 2.0 Mbps for reasonable quality video. High quality video bitrates for 1080P resolution range from 3.0 to 8.0 Mbps. The Mbps stands for Mega bits per second, which represents the amount of data that the camera streams. In the case of an NVR based system, that data would stream across the LAN (local area network) to the recorder. The cables and switches on the LAN can accept up to 1024 Mbps per camera (approximately) to allow the data to stream to the NVR, so the network will not bottleneck the traffic.

Cloud cameras have data bottleneck problems with video

Unfortunately, in the case of a Cloud-based system, the bitrates have to be GREATLY reduced. This is because today's internet connections will not support the bitrates that would be required for even one, let alone multiple HD security cameras. Internet companies advertise connection rates up to 150 Mbps or higher, however the advertised rates are not the correct figured to look at when determining the streaming capabilities for your cloud-based cameras. Advertised rates are download speeds, or the bitrate of data that you can download per second from a streaming TV service, web page, or any other source. Your cloud-based cameras use upload speed, which is much lower and usually not advertised. Often upload speeds are 1.0 Mbps to 5.0 Mbps at most, and this rating is a burst, not a sustained transfer to the internet. This means that for your internet connection, a single camera cannot even achieve full quality streaming, and this gets even worse if more than one camera is streamed at a time. This makes your 1080P HD streaming cloud camera look great, as long as nothing is moving on the screen. But as soon as someting starts moving, the larger the movement the 'blockier' the video will appear.

So the question to ask yourself is this "Do you care more about the picture quality when nothing is moving, or the picture quality when a vehicle or person is walking to the door?" The former is cloud-based, the latter is an NVR based system.

One last thought when it comes to cloud-based recording before you ignore the image quality concerns I have addressed above: If the video from your indoor camera is being streamed constantly to a cloud-based server, then where is your video actually stored, who has access to the video, and who actually owns the video. These are all questions that should be foremost in your mind prior to installing the camera. These questions are not easy to answer though. The location of the servers that house your video can make a huge difference when it comes to the security and privacy laws that govern that video. How much do you trust the company that sold the camera, because even without considering 'hackers' that company actually has your video stored so employees of that company may be accessing your video and seeing/hearing your private moments. The last question can be answered only by an attorney: Who actually owns your video, and this is important when it comes to legal use of your video. A subpoena to the company that stores your video for you could actually force them to turn over the video...perhaps without your consent. Meaning that your 'own' video could easily be used against you without your knowledge even. This is where cloud-based technology really gets creepy.

Properly Secured IP Camera Systems

At Platinum CCTV, we take your security seriously. This doesn't stop with physical security, but extends into network security and data security. That is why, with our AVM (Advanced Video Management) systems, we carefully design your system to ensure that your video remains your video, and that only you have access to the video. IP cameras have taken a beating over the last 2 years in the media, due to their security and 'hackability'. The vast majority of these reports and claims are due to P2P and Cloud camera technology. The remainder is from inappropriate installation of IP cameras.

Proper IP camera systems will isolate your security camera systems

IP cameras, have had P2P technology built-in for years, so just about every camera on the market will allow direct zero-configuration connection from your phone or PC if you plug it into the internet. If that doesn't scare you, then go back and read about P2P above! This is why, we don't plug your cameras into the internet. It is a pretty simple solution, if your IP cameras doesn't have an internet connection, then it cannot be hacked from the outside, and you don't have to worry about someone else connecting to it. Our IP cameras are so isolated, that they are usually even on a completely physically isolated network from your internet router. Next, we disable P2P connections to your cameras, so it isn't even trying to contact an outside server. Finally, we ensure that we use an NVR (Network Video Recorder) like our AVM system that does NOT have P2P remote access. Yes, it takes a little more configuration to allow the remote connection, but we help our clients with that, and do it in a way that your IT company will support. Our AVM systems are compatible with VLANs, VPNs and any other network security measures.

Take your security as seriously as we do. Call Platinum CCTV at (630)225-0693 to design a security camera system to suit your needs today, or visit our Warrenville, IL showroom

Add Comment