Network Optix designs our software products to provide high levels of protection against both external and internal cyber security threats. In this document we outline the most common types of cyber security threats, the technologies and process methods we use to secure Powered-by-Nx systems, and some of the proactive environmental approaches our customers can take to prevent the most common types of cyber threats.
What is a Cyber Attack?
A cyber attack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.
Why do people / organizations launch Cyber Attacks?
Individuals and organizations have different motivations for launching cyber attacks against vulnerable business systems. According to Cisco often cyber attacks are used for ransom with 53% of cyber attacks resulted in damages of $500,000 or more. Cyber attacks are also sometimes initiated as a form of “hacktivism” with a goal of disrupting normal business operations. In the IP Video world cyber attacks are often executed in an effort to cover up criminal behavior that has been captured.
Common Types of Cyber Attacks
There are many different types of cyber attacks. Some of the most common types include:
Malicious software that installs on computers through a vulnerability in an operating system or a piece of software.
- Malware could potentially be used to intercept user credentials and video streams, or cause the user’s Nx Witness System to function poorly due to interruption in system or network resources caused by the Malware.
Phishing (aka Social Engineering)
Also known as “Social Engineering”. Phishing is a method of sending fraudulent communications - usually email - which mimic a reputable source in order to obtain login credentials.
- Phishing attacks could cause Nx Witness System users to inadvertently give their login credentials to nefarious actors. Nx Witness’ Secure Password Reset functionality ensures passwords are able to be reset / recovered quickly in such an instance.
This type of attack occurs when the attackers insert themselves into the middle of communications between two parties in order to intercept sensitive data. Typically this is accomplished by monitoring network traffic or through the use of Malware.
- Nx Witness secure communications capabilities - including OpenSSL connections, HTTPS communications, and encrypted video traffic - were engineered to address this type of attack.
Distributed Denial of Service Attack (DDOS)
This type of attack is designed to flood systems, servers, or networks with traffic to exhaust resources, effectively killing the system’s ability to perform normally.
- Nx Witness’ secure communications (SSL, HTTPS, Cloud Proxy, Secure Connections, and Encrypted Video) help to prevent DDOS attacks and server health monitoring provides the ability for operators to diagnose DDOS attacks in real-time..
SQL injection occurs when a malicious actor inserts code into a server running an SQL database that forces the server to reveal information.
- Nx Witness utilizes the OWASP standard for prevention of SQL injection attacks and employs additional obfuscation techniques.
Zero Day Exploit
A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented.
- Nx Witness monitors market news regularly and updates our customers about Zero Day vulnerabilities as they emerge, are documented, and are addressed.
In password-based attacks, hackers use software and brute force attacks to access secure accounts.
- Nx Witness has minimum password standards, an invalid login timeout, and a secure password reset / recovery method for Nx Cloud connected Systems.
Cyber Security Protections in Nx Witness
Nx Witness VMS is continually improved to address the cyber security threats listed above by using a combination of secure technology and process measures outlined below.
User Rights Management
Nx Witness has advanced User Rights capabilities that allow Administrators to implement strict controls over what operators are able to accomplish in the system and which resources they are allowed to configure and interact with.
- Single System Owner with Super User rights
- Customizable User Rights & Roles allow customizable access restrictions
- All user actions are logged for review by system administrators
Nx Witness requires a minimum level of security when creating passwords.
- Minimum password strength during account creation
- Secure password reset via Nx Cloud
- Complex Multi-Level Salted/Hash password storage
User Enumeration Detection
- Nx Witness Server and Cloud applications detect and prevent user enumeration (brute force attacks, guess and confirm attacks) through the use of timeouts.
Integration with LDAP
- Integration with LDAP enables centralized management / reset of IT credentials by IT administrators.
Data Integrity Checks
Nx Witness also includes key technologies to ensure the integrity of information within and produced by a system. These include:
Archive Integrity Check
- Nx Witness notifies operators when archived video has been modified indirectly (e.g. deleted / replaced files).
Watermarking for Chain of Custody
- Nx Witness has built-in watermarking, allowing operators or viewers to check the authenticity of a video exported from a system which prevents the manipulation of evidentiary video.
Secure System Communications
Nx Witness includes many protections for system communications over both secure (e.g. LAN/WAN/VPN) and unsecure (e.g. Internet) networks.
OpenSSL for Network Connections
- By default we disable deprecated and insecure protocols and use only TLS v1+. The Transport Layer Security protocol aims primarily to provide privacy and data integrity between two communicating computer applications.
- Server -> Client (Mobile, Desktop, Web) Communications - HTTPS
HTTPS is used by default for all connections.
- Email - TLS / SSL
TLS is the default option for the Email Server.
Encrypted Client-Server Communications
- System administrators can choose to encrypt VMS communications with the “allow only secure connections” option in System Administration settings.
Encrypted Video Traffic
- System administrators can choose to encrypt all video traffic between Clients and Servers with the “encrypt video traffic” option.
Custom SSL Certificates
- Nx Witness supports the use of Custom SSL certificates.
Cloud Connection Proxy
- Nx Cloud securely proxies remote connections to systems, removing the need to open or forward ports on secure networks.
Risk Prevention Methods
Network Optix also institutes processes to ensure threat assessment and resolution is part of our core culture. These steps include:
Extensive Quality Assurance Testing
Nx Witness VMS undergoes rigorous Quality Assurance testing prior to release to identify and remedy vulnerabilities.
External Security Auditing
Nx Witness VMS undergoes regular external security testing and auditing.
Online Support Portal
Network Optix maintains a global support presence with an active support portal and community forum at http://support.networkoptix.com. Customers and partners are encouraged to report issues and work with proactive support team members who are able to remotely assist customers with any issue.
Nx Witness provides regular monthly patches at http://my.networkoptix.com which address emerging security threats and reported bugs.