7 Concerns and 7 Solutions of Cybersecurity with Hanwha Vision

Key Concern 01

Can hackers gain access to my network by contaminating my video surveillance devices?

Solution

Once hackers plant malicious codes in firmware, sensitive information (certifications, encryption key, encryption processing, video information, etc) can be leaked.

Wisenet7 chipsets contain Hanwha Vision’s own embedded security platform module, HTPM (Hanwha Trusted Platform Module). Critical information is saved in the Secure Storage of chipsets and processed through the Secure OS.

Additionally, the Secure Boot feature verifies firmware during each step of the device boot, blocking the execution of malicious firmware once infected.

Key Concern 02

Is there a possibility of data leakage during communication between interconnected video surveillance devices(e.g. Camera-server)?

Solution

To achieve safe communication between interconnected security devices, one must use encryption to protect communication and all Devices should be cross-verified and authenticated.

Without mutual authentication, hackers can employ the ‘Man in the Middle’ attack to eavesdrop or tamper with the data during encrypted communication.

Hanwha Vision supports mutual authentication of interconnected devices to prevent hacking during encrypted communication, securing sensitive information from leakage or damage. In 2018, it introduced its own ‘Root CA,’ inserting device authentication to each product in the manufacturing stage. Even if one camera is hacked due to security vulnerabilities, the entire system can still be protected as the authentication is all different for each device.

Mutual authentication between devices enables secure communication, while authentication per device can defend the system against large-scale hacking.

Key Concern 03

Can a third party read or alter my video footage?

Solution

Video footage captured by all cameras is encrypted during the entire process of data transfer, storage and backup.

Without encryption, personal video can be leaked or altered by others regardless of the user’s intention.

Hanwha Vision supports data encryption during video transfer or data storage on camera SD memory cards as well as ZIP encryption for data backup on PCs or other storage devices.

Key Concern 04

Can malicious software break into my security devices through firmware or open and run platform applications?

Solution

Devices compromised by malicious software can give a hacker the ability to run system actions, this will be true for compromised Open Platform apps too.

Wisenet7 security verification checks for data integrity at boot up or after updates.

An electronic signature is employed to secure open platform apps. Each app vendor is supplied with their own key to perform verification every time an app is installed.

These measures can ensure the integrity of Open Platform apps and completely block malicious firmware or apps from operating.

Malicious software will be rendered inoperable by the electronic signature which prevents compromised firmware or apps from running.

Key Concern 05

Can we trust the products that are claimed to meet manufacturer’s own security standards?

Solution

Customers cannot fully rely on products to be secure against cyber threats if the manufacturer only uses its own security testing or standards for cybersecurity.

Hanwha Vision is officially certified for its overall security processes. Proven by the acquisition of the Cybersecurity Assurance Program from UL, and ‘Secure by Default’ certifications from globally recognized safety standard and certification organizations.

By evaluating the objective level of product security and acquiring certifications from expert third parties, we build cybersecurity systems that customers can trust.

Key Concern 06

Do I have to configure the product on my own to make the product secure?

Solution

Cybersecurity as a term is frightening to most individuals for being highly technical and requiring in-depth knowledge. If their additional efforts are required to secure a device, it will not be done or not be done well. Hanwha Vision’s Wisenet 7 products are designed to work straight out of the box without any user intervention and still be useable without creating obstacles to function.

Hanwha Vision also provide documentation in the form of the Network Hardening Guide for those who wish to take the security configuration even further.

Should you not have the time or the know-how to secure your devices, Hanwha Vision has introduced the Wisenet7 range of video security devices to offer robust security without user intervention /right out of the box.

Key Concern 07

What can I do in the case that I find a security vulnerability in the product?

Solution

In the event of a security vulnerability in video surveillance devices, it is critical to quickly analyze the causes and take countermeasures.

Hanwha Vision is operating S-CERT department, a team dedicated to address possible security vulnerabilities and minimize customer inconvenience.

If you suspect security vulnerability, report it to S-CERT (secure.cctv@hanwha.com) with detailed information including product information, symptoms, and step-by-step instructions on how to reproduce the symptoms.
In the event of a security vulnerability, S-CERT resolves the issue as soon as possible and posts the security vulnerability report on the website.

Regular security tests and penetration testing by specialized agencies are conducted to find security vulnerabilities and remove the risks of exposing customers’ sensitive information.

Hanwha Vision’s cybersecurity team S-CERT has established a process of building secure products from the product design stage and reacts promptly in the event of a security vulnerability.

Hanwha Vision is the leader in global video surveillance with the world's best optical design / manufacturing technology and image processing technology focusing on video surveillance business for 30 years since 1990.