HANWHA TECHWIN AMERICA SPONSORED CONTENT
By David Uberig, Director of Business, Banking and Financial Development at Hanwha Techwin
According to a recent study by BAE Systems Applied Intelligence, three-quarters (74%) of financial institutions have experienced an increase in cybercrime since the start of the pandemic.
Despite having top-notch security, financial institutions can still be the target of threats involving software and hardware vulnerabilities that could lead to exploitation.
Physical security in the banking industry has evolved into network-based solutions with high-resolution cameras and high-capacity recorders. These devices have operating systems, communication capabilities, and passwords just like any other computer on a network. Any poorly protected device can easily become the attack surface that hackers need to gain access to a financial institution‘s infrastructure.
As a result, IT teams got involved in the process of testing, selecting, and deploying all devices on a bank’s network, including cameras and video management systems (VMS). The shift from the focus on physical security to computer security changed the discussion. Many IT professionals are now rightly asking questions about who a supplier works with and how they secure their products. But, when they’re not sure what to ask, it’s up to the vendors to lead those conversations.
Financial institutions need physical security system providers who understand their cybersecurity concerns and who work to mitigate the risks associated with cyber threats. To get started, they should look for four key cybersecurity metrics.
Device hardening protocols
While changing factory-set passwords might seem like a straightforward action, many institutions struggle to do so. This is in part because of the sheer volume of devices they have on their networks. But it’s also because, during the installation process, many skip this step, assuming they’ll come back to it later. Unfortunately, a single camera that always has the default password can increase a network’s vulnerability to attacks.
Cameras that do not have default passwords and instead require users to set strong passwords before connecting the device to the network help protect banks. In addition, some vendors, like Hanwha Techwin, also offer network hardening guides that reduce the risks associated with poorly protected or unprotected devices.
Given the volume and type of data that financial institutions collect and store, end-to-end encryption is vital. Simply encrypting data in motion is not enough. Financial institutions must also be able to encrypt data at rest.
Encryption of data in motion protects it from anyone who sniffs a system in order to capture data packets passing through a network. On most networks, this means passwords and other account information. In a physical security system, this also means that data is transmitted from the camera to the recorder or from the recorder to the management station.
Financial institutions must always protect data at rest. In a physical security system, depending on IT policy, this can include video stored in cameras and recorders. This data may need to be encrypted in case hackers gain access to the recording platforms themselves.
Hackers are known to take advantage of vulnerabilities in operating systems and third-party applications that were not updated. Keeping up to date with the latest software updates and firmware fixes can dramatically reduce a system’s attack surface.
In order to protect their networks, financial institutions must work with vendors who monitor cybersecurity threats globally, and then produce and distribute patches. The Dedicated Computer Security Emergency Response Team, or S-CERT, at Hanwha Techwin, for example, monitors the evolution of cybersecurity threats around the world and develops fixes to strengthen our devices against these. threat. Thanks to S-CERT, we are constantly working on the sustainability of our cameras.
Work with a trusted supply chain
Banking and financial institutions must work with suppliers who manufacture all aspects of their cameras or security system products and who control their own distribution. End-to-end manufacturing in-house is the best way to ensure parts and chipsets are built according to best practices. When a vendor controls all aspects of manufacturing, it also gives customers peace of mind, knowing that any upgrades or changes are coming directly from the vendor rather than a third-party manufacturer.
To strengthen networks and protect against potentially devastating data breaches, it’s important to partner with physical security providers who already face cybersecurity challenges. A vendor with strong cyber hygiene can help financial institutions install the advanced solutions they need to mitigate cyber threat risks.
Wilson Bank & Trust: Mitigate Cyber Security Risks with a Trusted Partner
Wilson Bank & Trust, a member of the FDIC, is an independent community bank that began operating in Tennessee in 1987. Today, it has mortgage offices, operations centers, ATMs and branches. located in and around Middle Tennessee that serve the city and surrounding rural areas. areas. In total, they have operations and security at around 40 locations. The bank had cameras from multiple manufacturers on multiple systems. Most of them were already 8-10 years old. The image quality was poor and they couldn’t achieve the video retention rates they wanted. Additionally, many cameras had licensing agreements, so they paid fees for products that didn’t meet their needs.
The bank wanted computer-based PoE (Powered over Ethernet) cybersecure cameras that could produce high-quality video and did not require a license. They also wanted DVRs or NVRs that would give them longer term retention rates, 90 days minimum. After researching their options, Wilson Bank & Trust determined that working with Hanwha Techwin cameras would be the best fit for their needs. One of the deciding factors during the decision-making process was that Hanwha cameras are manufactured in-house from end to end. In their view, this was particularly important in mitigating cybersecurity risks.
According to Elvis Huff, assistant vice president and chief security officer at Wilson, “At the time, cybersecurity and network security issues were frequently reported because cameras were compromised for use in distributed denial of service attacks. (DDoS). The ability to work with a company that does everything from chipset and camera manufacturing to software development has been a game-changer for us. We knew it would give us great peace of mind.
The branch branch upgrade included the installation of several panoramic cameras and networked IR dome cameras. The PNM-9020V 180 degree multi-sensor panoramic camera provides up to 30 frames per second at full resolution and is capable of capturing good quality images over a large area. For interiors of branch offices and buildings, they have installed a variety of dome cameras, including the QND – 6010R Network IR. This indoor camera offers a maximum resolution of 2 MP, 30 fps at all resolutions, motion detection, as well as tampering and defocus detection.
Today, the bank has upgraded the security infrastructure at 40 of its sites with Hanwha cameras. By switching to industry-standard PoE IP cameras, the bank achieved significant savings in installation and maintenance costs. The Bank has also installed cameras to record parking entrances and exists. This strategy has previously helped the security team identify a vehicle associated with a fraud case using an image of its license plate captured as it left the facility.
The bank also used the XNB-H6241A ATM Network Camera Kit with 8m cable. These cameras do not disrupt the aesthetics of a branch, which is important in maintaining a positive customer experience. At the same time, these kits have enabled the bank to capture images that are not possible with a traditional top-down view. Images at the waist, which include a person’s face, can be vital when it comes to investigating or prosecuting theft and fraud. Having access to the images from this angle is already proving invaluable. In a recent fraud case involving identity theft, an individual presented fictitious and forged documents at one of the bank’s branches. “Thanks to the Hanwha high-resolution camera, we had a clear image that we were able to use to identify the individual,” Huff said.