Cybersecurity and Nx Witness

Software and cloud products offered by Network Optix provide high levels of protection against both external and internal cybersecurity threats. This document outlines the most common types of cybersecurity threats, the technologies and process methods we use to secure Powered-by-Nx systems, and some proactive environmental approaches our customers can take to prevent the most common types of cyber threats.

What Is a Cyberattack and Why Do Nefarious Entities Launch Them?

A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.

Individuals and organizations have different motivations for launching cyberattacks against vulnerable business systems. According to Cisco, cyberattacks are often used for ransom, with 53% of cyberattacks resulting in damages of $500,000 or more.

Cyberattacks are also sometimes initiated as a form of “hacktivism” to disrupt normal business operations. In the IP Video world, cyberattacks are often executed to cover up criminal behavior that has been captured.

Common Types of Cyberattacks

There are many different types of cyberattacks. Some of the most common types include:

• Malware – Malicious software that installs on computers through a vulnerability in an operating system or a piece of software. Malware could potentially be used to intercept user credentials and video streams or cause the user’s Nx Witness System to function poorly due to interruption in hardware or network resources caused by the malware.
• Phishing – A type of “Social Engineering”. Phishing is a method of sending fraudulent communications, usually emails that mimic a reputable source to obtain login credentials. Phishing attacks could inadvertently cause Nx Witness System users to give their login credentials to nefarious actors. Nx Witness’ Secure Password Reset functionality ensures passwords can be reset/recovered quickly in such an instance.
• Man-in-the-Middle Attack – This type of attack occurs when the attackers insert themselves into the middle of communications between two parties in order to intercept sensitive data. Typically, this is accomplished by monitoring network traffic or through the use of Malware. Nx Witness secure communications capabilities - including OpenSSL connections, HTTPS communications, and encrypted video traffic - were engineered to address this type of attack.
• Distributed Denial of Service Attack (DDOS) – This type of attack is designed to flood systems, servers, or networks with traffic to exhaust resources, effectively killing the system’s ability to perform normally. Nx Witness’ secure communications (SSL, HTTPS, Cloud Proxy, Secure Connections, and Encrypted Video) help to prevent DDoS attacks,  and server health monitoring provides the ability for operators to diagnose DDoS attacks in real-time.
• SQL Injection – SQL injection occurs when a malicious actor inserts code into a server running an SQL database that forces the server to reveal information. Nx Witness utilizes the OWASP standard for the prevention of SQL injection attacks and employs additional obfuscation techniques.
• Zero-Day Exploit – A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Nx Witness monitors market news regularly and updates our customers about Zero-Day vulnerabilities as they emerge, are documented, and are addressed.
• Password Cracking – In password-based attacks, hackers use software and brute force attacks to access secure accounts. Nx Witness has minimum password standards, an invalid login timeout, and a secure password reset/recovery method for Systems connected to Nx Cloud.

Cybersecurity Protections in Nx Witness

Nx Witness VMS is continually improved to address the cybersecurity threats listed above by using a combination of secure technology and process measures outlined below.

User Rights Management

Nx Witness has advanced User Rights capabilities that allow Administrators to implement strict controls over what operators are able to accomplish in the system and which resources they are allowed to configure and interact with:

• User Rights – Single System Owner with Super User rights; Customizable User Rights & Roles allow customizable access restrictions
• Audit Trail – All user actions are logged for review by system administrators.

Password Protections

Nx Witness requires a minimum level of security when creating passwords:

• Password Security – Minimum password strength during account creation; Secure password reset via Nx Cloud; Complex Multi-Level Salted/Hash password storage
• User Enumeration Detection – Nx Witness Server and Cloud applications detect and prevent user enumeration (brute force attacks, guess and confirm attacks) through the use of timeouts.
• Integration with LDAP – Enables centralized management / reset of IT credentials by IT administrators.

Data Integrity Checks

Nx Witness also includes key technologies to ensure the integrity of information within and produced by a system. These include:

• Archive Integrity Check – Nx Witness notifies operators when archived video has been modified indirectly (e.g. deleted/replaced files).
• Watermarking for Chain of Custody – Nx Witness has built-in watermarking, allowing operators or viewers to check the authenticity of a video exported from a system which prevents the manipulation of evidential video.
• Archive Encryption - Nx Witness provides an optional feature that enhances the security of the Nx Server by allowing video archive files stored in the storage volume to be encrypted. Archive Encryption prevents the video archive from being viewed outside the Nx Witness system.

Secure System Communications

Nx Witness includes many protections for system communications over both secure (e.g. LAN/WAN/VPN) and unsecure (e.g. Internet) networks:

• Encrypted Client-Server Communications – System administrators can choose to encrypt VMS communications with the “allow only secure connections” option in System Administration settings. By default, we disable deprecated and insecure protocols and use only OpenSSL TLS v1+ for network connections. All Nx Server to Nx Client connections use HTTPS and the email server uses TLS.
• Encrypted Video Traffic – System administrators can choose to encrypt all video traffic between Clients and Servers with the “encrypt video traffic” option.
• Custom SSL Certificates – Nx Witness supports the use of Custom SSL certificates.
• Certificate Validation - When the Nx Client connects to the Nx System, the Nx System will provide all servers’ public keys to the Nx Client for validation.
• Cloud Connection Proxy – Nx Cloud securely proxies remote connections to systems, removing the need to open or forward ports on secure networks.

Risk Prevention Methods

Network Optix also institutes processes to ensure threat assessment and resolution is part of our core culture:

• Extensive Quality Assurance Testing – Nx Witness VMS undergoes rigorous Quality Assurance testing prior to release to identify and remedy vulnerabilities.
• External Security Auditing – Nx Witness VMS undergoes regular external security testing and auditing.
• Regular Patches – Nx Witness provides regular monthly patches at http://my.networkoptix.com which address emerging security threats and reported bugs.
• Online Support Portal – Network Optix maintains a global support presence with an active support portal and community forum at http://support.networkoptix.com. Customers and partners are encouraged to report issues and work with proactive support team members who are able to remotely assist customers with any issue.

Questions

If you have any questions related to this topic or you want to share your experience with other community members or our team, please visit and engage in our support community or reach out to your local reseller.