In movies, there is often such a scene: thieves operate quickly on laptops, and the monitoring screen of the security room flashes, and the picture has been taken over by thieves, so the thieves swagger into the supervision area and even monitor the actions of the security guards in turn, and the security guards are ignorant.
The picture of the movie is far away from us, but because of a piece of news, people in Jiangsu seem to see this scene happening around them. On February 27th, a document issued by the General Office of Jiangsu Province caused a great impact. The document stated that Hikvision monitoring equipment used by the public security system in this province "has serious security risks" and "some equipment has been controlled by overseas IP addresses". Subsequently, although Hikvision released the Instructions for Equipment Safety and the Letter to Users successively, its share price once fell on Tuesday, shortly after the opening. However, its share price rebounded later.
In the end, what is the technical reason of this incident and how big the impact will be? Except for the technicians of Hikvision and the Jiangsu Provincial Public Security Department, it is difficult for others to make a hasty judgment. However, in China, the construction of a "safe city" is vigorously carried out, and the number of cameras deployed in first-class cities is 100,000 or even millions. Today, people have paid urgent attention to what links a complete video surveillance system consists of, how to ensure its security, and what weak links are there? And if there is a loophole in the video surveillance system, what impact will it have?
Complex monitoring system
On February 27th, Jiangsu Provincial Public Security Bureau issued a document saying that Hikvision monitoring equipment used in the public security system of Jiangsu Province "has serious security risks" and "some equipment has been controlled by overseas IP addresses". Then, on the night of February 27th, Hikvision released the "Instructions for Equipment Safety". According to the explanation, some Hikvision devices in Jiangsu public security system on the Internet were attacked by hackers because of the weak password problem. Later on the same day, Hikvision released the Letter to Users again in its official website, saying that the company had "communicated with the Jiangsu Provincial Public Security Bureau for the first time" and organized a technical team to help cities in Jiangsu to modify passwords.
It should be said that Hikville regards this response as timely. However, the information disclosed by Hikvision this time is limited, and it is impossible to confirm the real core link and influence scope of the problem. Therefore, there have been many interpretations of it.
Beyond Hikvision itself, the monitoring system is composed of multiple complex links. The easiest thing for people to understand is the analogy between the monitoring system and the personal computer: the analogy between the monitoring camera and the camera of the computer, the analogy between the monitoring camera network and the cable connecting the camera and the computer, the analogy between the storage and processing link and the computer host, and the analogy between the software scheme of image retrieval and analysis and the media player. In fact, the monitoring system does have the above links, but each link is much more complicated and prone to loopholes.
Popular deduction of nouns: loopholes
To use a metaphor, there are two kinds of software and hardware vulnerabilities. One is that when building a house, there is a gap outside the formal doors and windows, such as vents and sewers. People with a heart can enter the house when they find it, which is a design defect; The other is that the wall is too thin and the lock is not complicated enough. Powerful people can enter the house by smashing the wall and picking the lock. This defect can only be dealt with by strengthening the awareness of prevention. The management of loopholes, just like if you plug the key in the door and don’t pull it out, then anyone can use the key to open the door and enter the house. In reality, using such loopholes is relatively free of time cost and technical threshold, so such loopholes are more serious.
Speaking of vulnerabilITies, it has to be mentioned that any IT system will inevitably have vulnerabilities, which can be seen from the number of patch packages released by Windows. Among them, software and hardware vulnerabilities have higher requirements for manufacturers to deal with, such as Windows security vulnerabilities and the possible real-time streaming protocol disclosed by Hikvision this time, which belong to this category; What is easier to exploit than hardware vulnerabilities is management vulnerabilities. For example, among the two defects that Hikvision voluntarily disclosed this time, the weak key problem belongs to this category.
How safe is that video surveillance system? The first is to look at the physical isolation of this system.
Popular deduction of nouns: physical isolation
Generally speaking, as the guarantee of "safe city", the security monitoring system in the city needs to be built on Intranet, which is completely physically isolated from the Internet.
Generally speaking, if you don’t want the phone calls of yourself and your friends to be heard by any third party, you’d better set up an independent phone line between yourself and your friends without going through the equipment of any third-party operator. At the same time, the telephones you and your friends use are also self-made, so as to ensure that there is no possibility of being monitored; At the same time, these two phones are not connected to the network of third-party operators.
In fact, large-scale monitoring systems such as safe cities need to set up hundreds of thousands of cameras at intersections, banks and ATMs, office buildings, residential areas and other places, and it is unrealistic to lay special lines for all of them. Therefore, many devices will use the Internet line where the device is located, and then connect to the public security private network. The compromise is to set up a firewall between the Internet and the public security private network to prevent other users from connecting to the private network, and at the same time install a firewall on the equipment to prevent other users from connecting to the equipment.
This non-physical isolation leaves the possibility of "breaking through the wall".
In the Hikvision incident, the company mentioned in its explanation that "we have too many devices on the public network", which refers to the lack of physical isolation. Generally speaking, after physical isolation, even if there are loopholes in software and hardware, the impact is very small, because people with a heart can’t get close to the house at all, and they can’t take advantage of the loopholes. The most equipment placed on the public network is the monitoring probe.
How to break the "safe monitoring"?
It is not an easy task to break the monitoring system. Generally speaking, the collection and transmission links are easier to be broken because of less protection. Through simplification, we can divide the breakthrough process into "contact" and "control".
The "contact" link is to break through the isolation and connect to the equipment. For example, your wireless router doesn’t have a password, or the password is just your home number, so others can easily connect to your router. And even if you use complex passwords, others will have a chance to break through by brute force. Similarly, for monitoring equipment without physical isolation, contact can be completed by using technical means or management loopholes to break through the firewall.
And after contact, it is necessary to achieve control. The control link can take advantage of management loopholes or software and hardware loopholes. Among them, some loopholes are design flaws, and some are "back doors" left by designers for management convenience, just like the command of "*#06#" of Nokia mobile phone, the preset "TelecomAdmin" account of telecom router and some control interfaces. If these resources are mastered and used by hackers, they can take over the monitoring equipment. Once the monitoring equipment is taken over, the scene at the beginning of the article may appear in real life.
In addition, if the monitoring equipment is arranged on the Internet, the data may be intercepted by hackers in the process of transmission through the Internet. In this process, although the device itself is still working normally, the data transmitted to the background may be tampered with. The cable TV signal that appeared before was intercepted, and the fake base station that appeared in telecom fraud also belonged to this phenomenon. There was no problem with the TV station and the TV at home, but a new source was connected in the middle, and it was not the program broadcast by the TV station.
At the back end, because most of the main storage devices in the safe city are arranged in the public security private network, it is difficult to achieve "contact", and management loopholes are often more likely to appear. Just like a computer that can’t be connected to the Internet or connected to a USB flash drive, the data inside can also be taken away with a camera. Management loopholes are hard to prevent.
Then, looking back, how much impact will Hikville have on this incident? If the cause of the incident is really like the two defects disclosed by Hikvision, IT is not a very special emergency, but a standard questions that complex IT systems often encounter. As Hikvision pointed out, "This incident will not have a major material impact on the company." But on the other hand, this incident also reminds people that whether it is security monitoring or our daily PC, router and mobile phone, security issues must be taken seriously, so as not to cause great losses.
Related reading
Hikvision resumed trading in Chongqing project on the 3rd, or there may be new actions.
Hikvision responded to the "security door" institutions to cope with the tragic decline after the resumption of trading.
