Improving Password Security

By: Nick Stigers, LENSEC Sr. Systems Support Engineer

It’s easy to see how lack of password management can open a vulnerability into your network. Cybersecurity experts don’t have to go far to demonstrate gaping holes in an enterprise network. When default passwords are in place, they can easily access IP cameras and other edge IP devices.

This is not even hacking; it’s simply accessing open IP devices. No hacking is required when a person can easily log into a camera using a manufacturer’s default password. This is easy to fix. Security managers and enterprise stakeholders should insist on security system protocols that never allow default passwords to be used.

Jamie Bradford, Razberi Technologies, Director of Global Sales Engineering

When password vulnerabilities are demonstrated by cybersecurity experts, it’s easy to imagine how a person with ill intent and little skill could create huge disruptions in a business’s network. During the LENSEC Winter Conference in December, Jamie Bradford with Razberi Technologies expressed the importance of a strong password management plan.

Bradford says, “The bad actor can use default login credentials that are easily accessible to the public to gain access to IP devices such as security cameras, and gain access to exposed services, and find exploits in firmware. These exploits take advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior. Once the camera is accessed, the bad actor can discover services exposed by the camera. We recommend turning off unnecessary services that may act as a backdoor for hackers or viruses. All of this can be avoided by practicing secure password management.”

Keep Passwords Strong

The National Institute of Standards and Technology (NIST) has been promoting new password security guidelines for federal agencies and contractors. The NIST guidelines point to long passphrases instead of complex passwords. The passphrase is a “memorized secret,” a sequence of text used to authenticate an identity. NIST outlines its standards for federal agencies and contractors on securing digital identities in a recent report.

Keep Passwords Unique

It’s important to keep some uniqueness with passphrases and passwords. For passphrases, using a random series of words, using non-English words, and avoiding commonly spoken phrases all help to keep the passphrase complex and unique. Individuals often develop passphrases based on commonly spoken phrases along with book, movie, and song titles. Password cracking algorithms have adapted and now include these items in their routines. While the passphrase itself is strong and complex, it can be easily guessed due to the common use of the phrase.

Perspective VMS® Data Breach Prevention
Top Commonly Used Passwords to Avoid

Avoid performing password transformations when it is time to update a password. Transforming a password is a technique where the same basic password is continuously used with slight alterations. Passwords are often transformed by adjusting a digit or changing a letter character into a special character of similar appearance. An example is changing your password, “baloney” to “B@loney1.” This practice turns strong passwords into weak passwords since it creates predictable patterns.
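A password-change check that rejects the transformations described above, added here as an example (it is not LENSEC or Perspective VMS® code). The look-alike map, the function names, and the two-edit threshold are assumptions chosen for illustration, and the check assumes it runs at change time, when the user supplies both the current and the new password.

```python
import re

# Look-alike characters mapped back to letters ("@" -> "a", "0" -> "o", ...).
# Constructed sample map, not an exhaustive list.
LOOKALIKES = str.maketrans("@4310$57!", "aaelossti")


def canonical(password):
    """Reduce a password to its base word so cosmetic changes disappear."""
    core = password.lower()                            # "B" -> "b"
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", core)    # drop counters/symbols at the ends
    core = core.translate(LOOKALIKES)                  # undo look-alike substitutions
    return re.sub(r"[\W\d_]+", "", core)               # drop any remaining non-letters


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def is_transformation(old, new, max_edits=2):
    """True when `new` is the old password with only slight alterations."""
    a, b = canonical(old), canonical(new)
    if not a or not b:           # all digits/symbols: compare the raw strings
        a, b = old.lower(), new.lower()
    return edit_distance(a, b) <= max_edits


if __name__ == "__main__":
    # Constructed sample candidates for the page's "baloney" example.
    for candidate in ("B@loney1", "Baloney2024!", "correct horse battery staple"):
        verdict = "reject" if is_transformation("baloney", candidate) else "accept"
        print(f"{candidate!r}: {verdict}")
```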

All who use passwords know that managing them is difficult, and memorization of complex passwords doesn’t come easy. So, please consider some of the ideas we’ve presented to secure your cameras, IP devices, and network infrastructure. Any form of password management is better than none. Seize the day, and practice safe password management. Your security footprint will be more secure as a result.

Check with our professional LENSEC Technical Support Team. They have collective expertise to help you deploy Perspective VMS® and provide knowledge that will lend best practices to the security integrator and their customers. If our team can support you, please call us at +1 (713) 395-0800 + Option 1, or email us at [email protected].