Real-time video applications, such as closed-circuit TV, security systems and IoT monitoring or broadcast services, have become a part of everyday life. However, the security considerations of a breach involving video have often played second fiddle to the better-publicised breaches of “corporate” data.
As network performance and accessibility have improved, the proliferation of hi-definition video applications and solutions have increased enormously. There was a time when video surveillance was limited to the most secure premises, now it is used everywhere.
Smile, you’re on camera
According to a recent report, Beijing is the most monitored city in the world, with an estimated 470,000 CCTV cameras. London is a close second with 420,000, meaning the average Londoner is caught on camera over 300 times a day.
The applications for video are many and varied. In addition to traditional asset monitoring protection, CCTV is used to monitor traffic volumes in major cities, secure international borders, monitor patients in healthcare facilities and inmates in prisons. Moreover, it plays essential roles in casinos, playgrounds, schools and critical national infrastructure such as energy plants and oil refineries.
Video is also used for both crime detection and prevention, with advances such as motion tracking, facial recognition, night vision and ANPR being used to combat criminals. Video is now widely used at sporting arenas to identify troublemakers and even in casinos to make sure nobody cheats the house.
To do so effectively, CCTV video must also be high-definition and that involves a lot of data being carried across public network infrastructure. This is where the risks of eavesdropping and data manipulation occur.
Commoditised pricing and the IoT revolution have also put real-time video monitoring in the hands of individual consumers, with mobile apps capable of serving live feeds to mobile devices halfway across the globe.
Securing video networks
The information-rich, and often sensitive, nature of video content makes systems’ security a priority; not just in terms of citizen privacy, but also in terms of integrity and authenticity of the feed. When we start thinking about the integrity of a feed, it’s easy to summon up images of Hollywood heist movies. There’s always one tech in the team whose job it is to hack the surveillance system and insert rogue data, if not eliminate evidence.
There was a time when this might have been a little fanciful, but in the 21st century, we use real-time video streaming to do more than monitor the inside of a vault. Much of our critical national infrastructure security is dependent upon video surveillance. The implications of compromised systems protecting critical infrastructure are more existential.
The CCTV data security problem lies in the public data networks transporting the feeds. These cannot feasibly be made secure. The best protection for both the data and the networks is end-to-end encryption.
Not all encryption technologies are the same. The most effective way to secure network data is through the use of end-to-end encryption. Importantly, the use of encryption protects data from potential man-in-the-middle attacks, including data injection or extraction.
The capture now, decrypt later nature of some data breaches is not as relevant for video feeds, where attacks tend to be more immediate in nature. That’s not to say that value can’t be found from older footage, especially when it comes to privacy issues.
Then, the biggest challenge for video systems security comes in ensuring the quality and immediacy of the feed. Any encryption solution needs to add security without adding latency, jitter or image degradation. The best encryption solution provides maximum security without compromising CCTV performance.
Case study: CCTV for international law enforcement
Case study: CCTV for patient monitoring