Showing posts with label NDAA. Show all posts

Saturday, October 1, 2022

Electronic Surveillance Threats


In 2017 the Supreme Court ruled in a landmark judgment that privacy is a fundamental right. From sophisticated spyware attacks to mass phishing via smartphones and the rise of facial recognition technology, the range and reach of surveillance threats to human rights defenders is growing.

For security teams trying to keep activists safe, it is a cat-and-mouse game as attackers rapidly adapt to developments aimed at protection.

“When cyber-attackers see people are switching to using (messaging app) Signal, for example, then they will try to target Signal. If people start changing to VPN technology, they will start blocking VPN technology. If people are using Tor browser, they will target Tor traffic,” says Ramy Raoof, tactical technologist with Amnesty Tech.

Automated surveillance equipment has become increasingly common and connected, making the technique more covert and pervasive.  Mobile hacking, social engineering, network monitoring, face recognition technologies, GPS tracking, and various other methods commonly employed to catch and prevent crime and terrorism can also be used against civilians.

Electronic surveillance threats – defending a facility against electronic surveillance is a serious challenge and one that hasn’t been made any easier by the proliferation of computer networks and wireless. Not only are businesses under threat from phone tapping, and video and audio surveillance, wired and wireless computer networks offer attackers a new dimension of intrusion.

Even the simplest electronic surveillance devices are diverse, with room transmitters being among the most common. Their role is to detect all the environmental noise emanating from the location in which they’re planted.

Primary variations with room transmitters relate to the power source, either battery or mains, and it’s the battery-powered devices that are most diverse. Such devices can be secreted inside almost any object, given their minimal space requirements. Examples include the inside of pens, calculators, clocks, photo frames, under carpet, behind curtains and underneath or inside furniture.

The types of battery used to power these devices vary too, depending on the design, size and planned use of the device. Self-contained transmitters designed for surreptitious surveillance favour small button batteries or higher performance hearing aid batteries. When size is less of a concern and length of transmission a higher priority, larger and longer lasting batteries can be used, including the latest lithium types.

Average transmission devices typically have dimensions around 19mm x 12mm x 9mm. Should a small transmitter be built into a pen or a calculator, transmission range will be limited, around 15-20m, though the use of lithium batteries will increase the range.

Mains-powered room transmitters draw current either directly from the mains voltage or trickle charge a battery that’s also used to power the device. The advantages of this technique where electronic intruders are concerned include the fact there will be less impact on main power sources that could be monitored for fluctuations. Should mains power be lost the device will continue to operate.

The key technical issue for mains powered transmitters is to reduce 240V of alternating current to a direct current, low voltage output of 6-18V. Designers are required to combine transmission circuitry along with a voltage dropper, rectification, smoothing and voltage stabilization circuits.

As a rule, the most popular way to get the small current and voltage requirements is to use a high voltage capacitor to act as resistance at the 50/60Hz mains supply frequency. Low power can be partially offset by injecting some radio power into the mains.

Should there be enough room and a sufficiently low risk of detection, it’s sometimes possible for a stepdown transformer to be used – this is inherently more reliable than capacitor leakage or dropper resistance techniques. It’s also possible for a transformer to supply a far greater level of power to a strong transmitter.

AC units can be located inside walls, ceilings, under floors, inside office equipment, in mains-powered clocks and within lamps and lamp holders to name just a few possibilities. One of the favoured methods of installing an AC bug is to simply plug in a dummy double adaptor to a power point in the room you wish to monitor. Despite the simplicity of this technique, only the most observant would notice and even then, would be most unlikely to consider the appearance of the unit a threat to security.

Electronic intruders wishing to secure a standalone mains-powered transmitter are usually supplied with a square plastic box about 50mm x 50mm x 18mm, or an encapsulating board. There will be a pair of trailing leads coming from these units for connection to the live and neutral lines of domestic AC.

There are still PSTN telephone transmitters. These are connected to target telephone systems and transmit information to a receiving station located nearby. The 2 basic models are the series-connected transmitter and the parallel-connected transmitter. Both types either draw their operating voltage from the PSTN phone line itself, or carry their own batteries that may be trickle-charged from the phone line.

Series connected transmitters are connected between a telephone socket and a telephone. In this configuration, only that extension will be accessed by the listener. But in the event a series transmitter is used and located on the incoming wires of a 2-pair cable on the other side of a telephone socket, all extensions of the line can be accessed.

Multiplex telephone systems make life extremely hard for electronic intruders trying to record communications. Because these systems multiplex more than one signal onto a 2-pair cable, an intruder would need to employ a de-multiplexer to access phones.

Parallel-connected transmitters are different. Both incoming feed wires are connected to the parallel-connected device, and this means the information will be transmitted if either phone is used. With a series device, the wiring of the telephone must be disconnected to allow insertion of the transmitter. But installation doesn’t mean cutting and stripping of feed wires. Instead, the device can be installed in a junction box that offers sufficient room, or even in a telephone.

Series devices are easiest for security managers to detect using one of the counter surveillance devices on the market that alert security staff to temporary disconnection of phone lines. It’s possible for alarm panels monitoring alarm systems to also monitor phone lines for integrity, with any breaches then reported.

Parallel devices, however, can be installed without temporary line breaks and without effect on resistance. This makes them harder to detect, though if the unit is drawing power from its host, this will cause a voltage drop. Parallel devices are often equipped with alligator clips requiring no more than a few millimetres of cable to be stripped or a pair of bare terminals.
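The two line-integrity signals described above (a temporary disconnection when a series device is inserted, and a voltage drop when a parallel device draws power from the line) can be checked for in logged line-voltage readings. The following is an added example, not part of the original article; the 48 V idle voltage, the thresholds, the sample format and all names are assumptions made for illustration.

```python
"""Phone-line integrity monitor: added illustration, not the article's code."""
from dataclasses import dataclass
from itertools import groupby
from statistics import median

# Assumptions (none of these figures come from the article): readings are DC
# line voltages sampled at a fixed interval, the idle line sits near 48 V,
# and the thresholds below are illustrative values to be tuned per line.
OPEN_CIRCUIT_V = 5.0    # idle reading below this: line treated as disconnected
DROP_FRACTION = 0.05    # idle reading this far under baseline counts as a sag
MIN_SAG_SAMPLES = 5     # a sag must persist this long to be reported
BASELINE_SAMPLES = 10   # idle samples used to learn the clean-line voltage


@dataclass
class Event:
    kind: str     # "line_break" or "sustained_drop"
    start: int    # index of first affected sample
    end: int      # index of last affected sample (inclusive)
    low_v: float  # lowest voltage seen during the event


def classify(volts, off_hook, baseline):
    """Label one sample; legitimate calls (off-hook) are never alerts."""
    if off_hook:
        return "call"
    if volts < OPEN_CIRCUIT_V:
        return "open"
    if volts < baseline * (1 - DROP_FRACTION):
        return "sag"
    return "ok"


def detect_line_events(samples):
    """samples: list of (volts, off_hook) tuples in time order.

    The baseline is the median of the first idle samples, so it must be
    captured while the line is known to be clean; a device already drawing
    power during that window would be absorbed into the baseline.
    """
    idle = [v for v, off_hook in samples if not off_hook]
    if len(idle) < BASELINE_SAMPLES:
        raise ValueError("not enough idle samples to establish a baseline")
    baseline = median(idle[:BASELINE_SAMPLES])

    states = [classify(v, off, baseline) for v, off in samples]
    events, idx = [], 0
    for state, run in groupby(states):
        length = sum(1 for _ in run)
        start, end = idx, idx + length - 1
        idx += length
        low_v = min(v for v, _ in samples[start:end + 1])
        if state == "open":
            # Any break matters: a series device needs the line opened once.
            events.append(Event("line_break", start, end, low_v))
        elif state == "sag" and length >= MIN_SAG_SAMPLES:
            # Short dips are noise; a persistent sag suggests a new load.
            events.append(Event("sustained_drop", start, end, low_v))
    return events


# Constructed sample readings (not real measurements).
SAMPLE = (
    [(48.1, False)] * 12    # idx 0-11: clean idle line, forms the baseline
    + [(0.3, False)] * 2    # idx 12-13: line briefly open
    + [(48.0, False)] * 4   # idx 14-17: back to normal
    + [(7.5, True)] * 3     # idx 18-20: ordinary call, ignored
    + [(48.0, False)] * 3   # idx 21-23: idle again
    + [(44.9, False)] * 8   # idx 24-31: persistent sag on the idle line
)

if __name__ == "__main__":
    for event in detect_line_events(SAMPLE):
        print(event)
```
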

Battery-powered types are harder to detect and more effective in their operation. With their greater operating current, they can achieve greater operating ranges than bugs, giving 500-1000m ranges instead of 25-50m. Even harder to detect are small rain-proof telephone transmitters that can be connected to any point of the exterior wiring as it leaves a building or joins a telephone pole. Such a device might never be detected.

Mobile phones are usually tapped using spyware. This is a whole other science – it’s possible for experts to search for spyware and users might notice quirks like rapid battery drain, though it can be difficult to know whether this is caused by an illicit piece of software, too many open apps, or simply an aging battery.

There are 2 primary groups of microphones available to an individual or organization seeking illicit access to communications. These are omnidirectional and unidirectional. Unidirectional microphones are portable and can be aimed at a target. They’re a parabolic dish-mount device that can be hand-held or tripod mounted. Such units offer excellent results for the electronic intruder. Using a 45cm reflector, high quality sound can be obtained at 250m. This performance increases fourfold if the reflector size is doubled but the unit becomes much more visible.

Omnidirectional units pick up audio signals coming from any point of the compass and in surveillance devices they usually have a diameter of about 6mm. As a rule, these devices will be more effective towards the front. Another type of microphone, the spike mike, is mounted on the end of a spike or probe. Microphones can be connected to the audio input of a miniature transmitter, allowing remote monitoring of conversations.

Like any other internet-connected device, surveillance systems can be vulnerable to attacks without the right cyber-security measures in place. Hackers can easily gain access to poorly configured devices with design flaws or faulty firmware and manipulate or steal data. With cyber-attacks accelerating, surveillance systems need to be protected from vulnerabilities, and require the same vigilance provided to IT systems.

Closed-circuit video uses cameras to transmit a signal to a specific place, on a limited set of monitors. It differs from broadcast television in that the signal is not openly transmitted, though it may employ point-to-point (P2P), point-to-multipoint (P2MP), or mesh wired or wireless links; the signal goes to a specific place only and is not open to all.

Cities in at least 56 countries worldwide have deployed surveillance technologies powered by automatic data mining, facial recognition, and other forms of artificial intelligence.

The ban that prohibits the purchase and installation of video surveillance equipment from HikVision, Dahua and Hytera Communications in federal installations was passed in 2018 as part of the National Defense Authorization Act (NDAA). In conjunction with the ban’s implementation, the government has also published a Federal Acquisition Regulation (FAR) that outlines interim rules for how it will be applied moving forward. Like NFPA, the NDAA law is now accepted globally.

Rules outlined in this FAR include:

·        A “solicitation provision” that requires government contractors to declare whether a bid includes covered equipment under the act;

·        Defines covered equipment to include commercial items, including commercially available off-the-shelf (COTS) items, which the rule says, “may have a significant economic impact on a substantial number of small entities;”

·        Requires government procurement officers to modify indefinite delivery contracts to include the FAR clause for future orders;

·        Extends the ban to contracts at or below both the Micro-Purchase Threshold ($10,000) and Simplified Acquisition Threshold ($250,000), which typically gives agencies the ability to make purchases without federal acquisition rules applying.

·        Prohibits the purchase and installation of equipment from Chinese telecom giants Huawei and ZTE Corporation. This would also presumably extend to Huawei subsidiary Hisilicon, whose chips are found in many network cameras;

·        And, gives executive agency heads the ability to grant a one-time waiver on a case-by-case basis for up to a two-year period.

Specifically, NDAA Section 889 creates a general prohibition on telecommunications or video surveillance equipment or services produced or provided by the following companies (and associated subsidiaries or affiliates):

·        Huawei Technologies Company; or

·        ZTE Corporation

It also prohibits equipment or services used specifically for national security purposes, such as public safety or security of government facilities, provided by the following companies (and associated subsidiaries or affiliates):

·        Hytera Communications Corporation;

·        Hangzhou HikVision Digital Technology Company; or

·        Dahua Technology Company

While the prohibitions are initially limited to the five named companies, Section 889 authorizes the Secretary of Defense, in consultation with the Director of National Intelligence or the Director of the FBI, to extend these restrictions to additional companies based on their relationships to the Chinese Government. The prohibitions will take effect for executive-branch agencies on August 13, 2019, one year after the date of the enactment of the 2019 NDAA, and will extend to beneficiaries of any grants, loans, or subsidies from such agencies after an additional year.

The provisions of Section 889 are quite broad, and key concepts are left undefined, such as how the Secretary of Defense is to determine what constitutes an entity that is “owned or controlled by, or otherwise connected to” a covered foreign country, or how the head of an agency should determine whether a component is “substantial,” “essential,” or “critical” to the system of which it is part. The statute also fails to address the application of the prohibitions to equipment produced by U.S. manufacturers that incorporate elements supplied by the covered entities as original equipment manufacturers (“OEMs”) or other kinds of supplier relationships.

Section 889 contains two exceptions under which its prohibitions do not apply:

(1) It allows Executive agencies to procure services that connect to the facilities of a third party, “such as backhaul, roaming, or interconnection arrangements.” This likely means telecommunications providers are permitted to maintain common network arrangements with the covered entities.

(2) It permits covered telecommunications equipment that is unable to “route or redirect user data traffic or permit visibility into any user data or packets” it might handle, meaning a contractor may still be able to provide services to the Government so long as any covered equipment provided is unable to interact or access the data it handles.

The Constitution of India guarantees every citizen the right to life and personal liberty under Article 21. The Supreme Court, in Justice K.S. Puttaswamy v. Union of India (2017), ruled that privacy is a fundamental right. But this right is not unbridled or absolute. The Central government, under Section 69 of the Information Technology (IT) Act, 2000, has the power to impose reasonable restrictions on this right and intercept, decrypt or monitor Internet traffic or electronic data whenever there is a threat to national security, national integrity, security of the state, and friendly relations with other countries, or in the interest of public order and decency, or to prevent incitement to commission of an offence.

Only in such exceptional circumstances, however, can an individual’s right to privacy be superseded to protect national interest. The Central government passed the IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, that allow the Secretary in the Home Ministry/Home Departments to authorise agencies to intercept, decrypt or monitor Internet traffic or electronic data. In emergency situations, such approval can be given by a person not below the Joint Secretary in the Indian government. In today’s times, when fake news and illegal activities such as cyber terrorism on the dark web are on the rise, the importance of reserving such powers to conduct surveillance cannot be undermined.

The risk of electronic security threats to EHR/HIS is a critical issue because, under the privacy and security rule of the Health Insurance Portability and Accountability Act (HIPAA), a patient’s medical records are to be kept secure and private, accessible only to the hospital authorities, the doctors in charge of the patient and the patient himself.

More advanced techniques now no longer require a target to actively click on a link in order to infect a device, explains Amnesty Tech security researcher Etienne Maynier. An attack using NSO spyware on an activist in Morocco covertly intercepted the activist’s web browsing to infect their phone with spyware. “Instead of waiting for you to click on a link, they instead hijack your web browser’s traffic and redirect you to a malicious website which tries to secretly install spyware,” says Maynier.

Successful targeting of well-protected phones is becoming more common and security teams are under added pressure from a burgeoning industry in so-called ‘zero-day’ exploits, in which unscrupulous hackers seek to find unknown vulnerabilities in software to sell. In May 2019, NSO Group exploited a zero-day vulnerability in WhatsApp that was used to target more than 100 human rights activists across the world with spyware.

How to keep your communications safe:

Using public Wi-Fi and VPNs: When you connect to Wi-Fi in a cafe or airport your internet activities are routed through that network. If attackers are on the network, they could capture your personal data. By using a VPN app on your devices, you protect your online activities when accessing public connections, preventing your internet activities from being seen by others on the same network. If you want to explore options, try NordVPN and TunnelBear.

Password management: Using a password manager means you don’t have to worry about forgetting passwords and can avoid using the same ones. It’s a tool that creates and safely stores strong passwords for you, so you can use many different passwords on different sites and services. There are various password managers such as KeePassXC, 1Password or LastPass. Remember to back up your password manager database. Do not use passwords such as password, ddmmyyyy, admin@123, administrator, administrator1, Super@1234 etc.

Messaging apps: When we advise human rights defenders about messaging apps, we assess each app on its policies (such as terms of service, privacy agreement), its technology (if it’s open source, available for review, has been audited, security) and finally the situation (if the app provides the features and functionality that fits the need and threat model). Generally speaking, Signal and Wire are two apps with strong privacy features.  Remember: Signal requires a SIM card to register, and for Wire you can sign up with a username/email.

Phone basics for iPhone or Android: Only download apps from the official app store to prevent your personal information from being accessed without your consent and to minimise the risk of attacks. Update your system and apps frequently to ensure they have the latest security patches. Enable ‘account recovery’ in case you lose access to your phone. Finally, choose a mobile screen lock that is not easily guessed, such as an 8-digit pin or an alphanumeric code.


Monday, August 15, 2022

Security Cameras in Medical College


CCTV surveillance is now an integral part of the overall security apparatus across the world. The university has a significant responsibility to take appropriate steps to protect personal privacy and civil liberties when it operates security camera systems. When successfully deployed, security camera systems enhance overall campus safety and security, deter crime, and otherwise support the protection of people and property. A security camera is defined as video surveillance technology that records people’s activities in order to detect, deter, prevent, or investigate crime or other threats to public safety.

In a bid to improve the quality of medical education in the country, regulatory body NMC has issued an advisory recommending installation of cameras in the premises of all medical colleges and institutions. This is in continuation of the digital mission mode project being run by the National Medical Commission (NMC) and the erstwhile Medical Council of India to ensure and monitor the availability of an adequate number of patients and teaching faculty, and also to monitor regular teaching programs in the medical colleges. This is a step forward towards developing a robust monitoring mechanism and providing for transparency and accountability in the functioning of medical colleges, official sources said.

If utilised properly, this would also be a way forward for digitisation of the assessment process for approvals being granted to medical colleges either for enhancement of under graduate courses or starting or enhancement of postgraduate courses, they said. "Use of such technology and artificial intelligence would make assessments and instructions transparent and an ongoing process instead of the current one time process," an official source said.

The most important things they can incorporate on all IP equipment are much more tangible: Trusted Platform Module (TPM) and National Defense Authorization Act (NDAA) compliance. The primary concern should be that the vendor is providing a system that is secure and in compliance with ISO 20243, particularly when it comes to assurances regarding the supply chain. Today more than ever, it is essential that video appliances are held to an IT standard, including TPM and NDAA compliance. The importance of making these properties a top priority has become a standard for end-customer expectations.
But installing a CCTV camera doesn’t mean you’re safe; here is a list of seven things you ought to consider before securing your territory with closed-circuit television cameras:

#1) Deciding how you’ll be monitoring the system

If you decide to monitor your system using the Internet, getting an IP Address for your Digital Video Recorder (DVR) or Network Video Recorder (NVR) will equip it to survey and record easily; an Ethernet cable carries all information via the Ethernet switch.

#2) Determining the number of Closed Circuit Television Cameras required

Depending upon the nature of your requirement and the expanse of the area you want to survey, decide on the number of cameras required to ensure complete security. As per the NMC guidelines, the medical colleges have been advised to install cameras at OPDs (depending upon number of OPDs in the college). The cameras should cover the medicine, surgical, gynaecological, paediatrics and orthopaedics OPDs, the highly-visited OPDs in a medical institution.

#3) Positioning the CCTV cameras

Cameras if visible could caution the trespasser. Thus most people prefer having clandestine cameras to having exposed and evident ones! Contemporary CCTV cameras can be easily hidden from view by being in the most exquisite of crevices and clefts in the wall; these places also offer the advantage of protecting the cameras from extreme weather conditions such as hailstorms, high-speed winds, and rains. One camera needs to be installed at the main entrance of the hospital and college and two cameras at the patient registration counter. All lecture theatres in the medical college should be equipped with cameras.

The pre-anaesthesia area, recovery area in the operation theatre complex, faculty lounge and attendance marking areas, anatomy dissection hall, physiology laboratory, biochemistry UG laboratories, pharmacology laboratory, patient attendant waiting area and emergency and casualty ward need to be equipped with cameras, the NMC stated.

#4) Placing the DVR/NVR

It is paramount to secure the digital video recorder (DVR) or the network video recorder (NVR). If you lose the DVR or the NVR to the trespasser, needless to say, you lose all the money you spent on your CCTV camera along with your stolen valuables! If you place your DVR or NVR centrally, you can minimize your cabling cost and reduce the complexity of your closed-circuit television system.

#5) Deciding on power backup of CCTV Camera

The constant power supply would ensure incessant surveillance. Thus make sure you have both constant power supply and a reliable power backup in case of power cuts to ensure security at all times.

#6) Deciding how you’ll create a secure network system

NDAA compliance assures that the video recording appliance does not include System on Chip (SoC) or other components capable of processing software from banned Chinese companies. All servers and workstations use NDAA-compliant chipsets as a standard. Having the NDAA seal of approval guarantees that the product is fully supported under those regulations as federal agencies have banned all non-compliant equipment from RFQ’s and projects. Those companies not adhering to NDAA standards are unable to work with any federal organization via a published blacklist. Business and commercial entities are also following suit, as they have privacy concerns consistent with the federal government as well.

Trusted Platform Module enhances computer privacy and security. Consider it a hardware-level security measure to protect your video recording device from malicious attacks. Once the TPM module is enabled, that physical chip is permanently tied to that specific server or workstation and cannot be moved to any other system. TPM-based microchips on system boards offer another layer of hardware and intrusion security.

This software agnostic TPM module is utilized for high-level security file encryption, network security, and password management. These modules are secured by cryptographic algorithms and ensure total system security for the most sensitive data on your video recording system. As a matter of fact, TPM modules are a standard requirement from every video management software manufacturer and independent software vendor in the security marketplace.

#7) Testing the CCTV Camera system

After you’re done with the installation process, it is very important to have a test run. Any problems that you might face with your closed-circuit television system can be best fixed before it’s too late – a stitch in time does save nine!

#8) Maintaining the CCTV-cameras

Best practices include cleaning the cameras on a monthly basis to rid them of any dirt and cobwebs. Timely replacement of the cables used is also advised to keep the systems from any potential failures in the most crucial of hours.

#9) "Cameras never lie". But how will one know, unless one 'sees' what the camera 'saw'?

All medical college authorities operating CCTV are encouraged to audit their own CCTV video footage as a standard operating procedure. Regular auditing of CCTV footage by the public means that the Police/LEA have more 'eyes' working for them through crowdsourced surveillance. This enables the Police/LEA to identify potential threats and dangerous situations before they occur. Also, in the case of a crime, if a standardized incident report is delivered to the Police/LEA by the affected party in PowerPoint carrying the entire story (what, where, when, why, who, how, and the video clip), crime will get solved faster.

The aim is to bring the colleges under the National Medical Commission’s surveillance and to protect doctors from any attack during duty hours. There are a lot of brands in the market selling closed-circuit television cameras. The best brands for reliable CCTV cameras include Infinova, Hanwha Techwin, Avigilon, Pelco, Axis, NUUO, Milestone and GVD. For a free consultation, contact us.



With sound administration and patients’ interests in view, the National Medical Commission is moving to directly monitor the day-to-day work of medical colleges. To that end, the Commission has issued a directive to install CCTV at 25 locations, including the main entrance, in every medical college in the country. A large section of teacher-doctors considers the Commission’s decision unprecedented. An order has been issued to install CCTV in all government and private medical college hospitals in the country, and it has set off a debate among doctors. In an advisory, the National Medical Commission has proposed to all state governments that CCTV be installed at the main entrance of medical college hospitals, at the patient registration counter, in the outpatient departments, and even at the places where the teachers and doctors of each faculty sign their daily attendance. The National Medical Commission’s order specifies at least 25 locations in a medical college where CCTV must be installed. The cameras should be IP-based and used with a recorder capable of 4K resolution and a display capable of 4K resolution.

Notable among the locations identified for CCTV installation are: the medicine, surgery, gynaecology, paediatrics and orthopaedics outpatient departments; the patient anaesthesia and recovery area; the faculty lounge and attendance area of each department; the lecture theatres; the anatomy dissection hall for medical students; the physiology and biochemistry laboratories; the pathology and microbiology laboratories; the pharmacology laboratory; the patient waiting area; and the emergency and casualty ward.

National Medical Commission chairman Dr Suresh Chandra Sharma has specified in his proposal that the CCTV cameras be connected to a DVR and a high-capacity network. Santanu Sen, a Member of Parliament speaking on behalf of the doctors’ association IMA, said, “There are some dishonest people. This step by the Commission is meant to rein them in.” While one section of doctor-professors has expressed dissatisfaction with the National Medical Commission’s proposal, another section says this rule was already in place. Dr Raghunath Mishra, principal of Kolkata Medical College, is unwilling to attach importance to the matter. In his words, when some part of the college or hospital cannot be seen on CCTV, they phone from time to time.

The National Medical Commission is moving to directly monitor the day-to-day work of medical colleges. The Commission has issued a directive to install CCTV at 25 locations, including the main entrance, in every medical college in the country, which is a very good proposal; but alongside it, the video footage should be reviewed every day to check that the cameras are running and that the footage is being stored properly. To make sure these video recordings stay secure on the IP camera network, an IP camera DVR/NVR of that kind should be installed. You must make sure that the IP product is NDAA approved.


Monday, November 16, 2020

Access your Hikvision NVR or Camera on Android devices

How to access your HikVision NVR or Camera on Android devices 

Closed-circuit television (CCTV), also known as video surveillance, is the use of video cameras to transmit a signal to a specific place, on a limited set of monitors. It differs from broadcast television in that the signal is not openly transmitted, though it may employ point-to-point (P2P), point-to-multipoint (P2MP), or mesh wired or wireless links; the signal goes to a specific place only and is not open to all. I write this article just for HikVision lovers. Personally, I do not support installing Hikvision/Dahua products or their OEM products. Technically, your personal video data is 100% unsafe.

Hacking of video surveillance cameras is increasing day by day. With cyberattacks on CCTV systems making news headlines on a weekly basis of late, there is a good deal of concern and uncertainty about how at risk these systems are, as well as why they are being attacked.

In 2014, a US ally observed a malicious actor attacking the US State Department computer systems. In response the NSA traced the attacker’s source and infiltrated their computer systems gaining access to their CCTV cameras from where they were able to observe the hackers’ comings and goings.

In October 2016, 600,000 internet-connected cameras, DVRs, routers and other IoT devices were compromised and used to form a massive botnet to launch what was the largest Denial of Service (DOS) attack the internet had experienced to date.

In the lead up to the 2017 US Presidential inauguration, 65 per cent of the recording servers for the city of Washington CCTV system were infected with ransomware. How did the attack take place? Whilst unknown, it most likely occurred by the same means as other common PC hacks such as infected USB keys, malicious web sites, or phishing attacks.

In May 2018, over 60 Canon cameras in Japan were hacked with “I’m Hacked. bye2” appearing in the camera display text. How did the attack take place? Simple. IP cameras were connected to the internet and were left on default credentials. It appears that the hackers logged into the cameras and changed the on-screen display. What was the impact? Other than the defacement of the camera displays and some reputational damage, there doesn’t seem to have been much impact from these attacks.

On Aug 13, 2018, the US President signed the 2019 NDAA into law, banning the use of Dahua and HikVision (and their OEMs) for the US government, for US government-funded contracts and possibly for 'critical infrastructure' and 'national security' usage.

The US government is effectively blacklisting Dahua and HikVision products, and this will have a severe branding and, consequently, purchasing impact. Many buyers will be concerned about:

  • What security risks those products pose for them
  • What problems might occur if they want to integrate with public / government systems
  • What future legislation at the state or local level might ban usage of such systems

On Jun 06, 2019, Hanwha Techwin is dropping Huawei Hisilicon from all of their products. Hisilicon is of Chinese origin. Backdoor entry is open on the product.

China's Wuhan Institute of Virology is the lab at the core of coronavirus. The institute is home to the China Centre for Virus Culture Collection, the largest virus bank in Asia, which preserves more than 1,500 strains ( https://www.livemint.com/news/world/china-s-wuhan-institute-of-virology-the-lab-at-the-core-of-a-virus-controversy-11587266870143.html ). The result: Corona has infected people in 185 countries. Its spread has left businesses around the world counting the costs. The global economy is impacted and recession is increasing. People now avoid products made in Chinese factories, and imports of electronic goods from China to other countries have stopped. People are looking for products from anywhere except China. Now we come to video surveillance and access control equipment.

The ban that prohibits the purchase and installation of video surveillance equipment from Hikvision, Dahua and Hytera Communications in federal installations was passed in 2018 in the National Defense Authorization Act (NDAA). In conjunction with the ban’s implementation, the government has also published a Federal Acquisition Regulation (FAR) that outlines interim rules for how it will be applied moving forward. Like NFPA, the NDAA law is now accepted globally.

Rules outlined in this FAR include:

  • A “solicitation provision” that requires government contractors to declare whether a bid includes covered equipment under the act;
  • Defines covered equipment to include commercial items, including commercially available off-the-shelf (COTS) items, which the rule says, “may have a significant economic impact on a substantial number of small entities;”
  • Requires government procurement officers to modify indefinite delivery contracts to include the FAR clause for future orders;
  • Extends the ban to contracts at or below both the Micro-Purchase Threshold ($10,000) and Simplified Acquisition Threshold ($250,000), which typically gives agencies the ability to make purchases without federal acquisition rules applying.
  • Prohibits the purchase and installation of equipment from Chinese telecom giants Huawei and ZTE Corporation. This would also presumably extend to Huawei subsidiary Hisilicon, whose chips are found in many network cameras;
  • And gives executive agency heads the ability to grant a one-time waiver on a case-by-case basis for up to a two-year period.

Specifically, NDAA Section 889 creates a general prohibition on telecommunications or video surveillance equipment or services produced or provided by the following companies (and associated subsidiaries or affiliates):

  • Huawei Technologies Company; or
  • ZTE Corporation

It also prohibits equipment or services used specifically for national security purposes, such as public safety or security of government facilities, provided by the following companies (and associated subsidiaries or affiliates):

  • Hytera Communications Corporation;
  • Hangzhou Hikvision Digital Technology Company; or
  • Dahua Technology Company

While the prohibitions are initially limited to the five named companies, Section 889 authorizes the Secretary of Defense, in consultation with the Director of National Intelligence or the Director of the FBI, to extend these restrictions to additional companies based on their relationships to the Chinese Government. The prohibitions will take effect for executive-branch agencies on August 13, 2019, one year after the date of the enactment of the 2019 NDAA, and will extend to beneficiaries of any grants, loans, or subsidies from such agencies after an additional year.

The provisions of Section 889 are quite broad, and key concepts are left undefined, such as how the Secretary of Defense is to determine what constitutes an entity that is “owned or controlled by, or otherwise connected to” a covered foreign country, or how the head of an agency should determine whether a component is “substantial,” “essential,” or “critical” to the system of which it is part. The statute also fails to address the application of the prohibitions to equipment produced by U.S. manufacturers that incorporate elements supplied by the covered entities as original equipment manufacturers (“OEMs”) or other kinds of supplier relationships.

Section 889 contains two exceptions under which its prohibitions do not apply:

(1) It allows Executive agencies to procure services that connect to the facilities of a third party, “such as backhaul, roaming, or interconnection arrangements.” This likely means telecommunications providers are permitted to maintain common network arrangements with the covered entities.

(2) It permits covered telecommunications equipment that is unable to “route or redirect user data traffic or permit visibility into any user data or packets” it might handle, meaning a contractor may still be able to provide services to the Government so long as any covered equipment provided is unable to interact or access the data it handles.

Now we come to the short process. First of all, we need to find the IP address of the Hikvision device we want to connect to. Start by downloading SADP. This program will scan your network for Hikvision devices connected to it.

Older Hikvision devices are shipped with a static IP address of 192.64.0.0, whereas new devices are shipped with DHCP enabled, which means they will automatically be assigned an IP address that corresponds to your local network. If your camera is set to a static IP address, you will need to find out what range it needs to be changed to. To find out your local IP address, follow the steps below.

  1. Click Start > Control Panel
  2. Click Network and Internet
  3. Click Network Sharing Center
  4. Click Local Area Connection
  5. Look at your IPv4 Default Gateway. It is usually either 192.168.1.1 or 192.168.0.1; however, it can differ.

Once you know the default gateway you can set a new IP address for your device. You only want to change the last three digits of the IP address. I would recommend starting the last three digits at 100, so you don't conflict with anything else on your network such as a printer or phone.

If you're not responsible for your network, make sure to check with your IT department or administrators that the IP address isn't already taken.

An example of a set IP address would be 192.168.1.100.
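The address choice described above can be checked before it is typed into SADP. The following is an added example, not part of the original guide or of any Hikvision tool: it picks the first free address at or above host offset 100 in the gateway's subnet and shows why a device on the factory static address is unreachable from the LAN. The function names, the netmask and the list of addresses already in use are assumptions.

```python
import ipaddress


def same_subnet(device_ip, gateway, netmask):
    """True if device_ip lies in the subnet defined by gateway/netmask."""
    net = ipaddress.ip_network(f"{gateway}/{netmask}", strict=False)
    return ipaddress.ip_address(device_ip) in net


def pick_static_ip(gateway, netmask, in_use, start_host=100):
    """Return the first free host address at or above offset `start_host`
    (the guide suggests .100). Works for any netmask, not only a /24."""
    net = ipaddress.ip_network(f"{gateway}/{netmask}", strict=False)
    taken = {ipaddress.ip_address(a) for a in in_use}
    taken.add(ipaddress.ip_address(gateway))   # never hand out the gateway
    first = net.network_address + start_host
    # hosts() already excludes the network and broadcast addresses
    for addr in net.hosts():
        if addr >= first and addr not in taken:
            return str(addr)
    raise ValueError(f"no free address at or above offset {start_host} in {net}")


if __name__ == "__main__":
    # Constructed values: a printer and a phone already hold .100 and .101.
    used = ["192.168.1.100", "192.168.1.101"]
    print(pick_static_ip("192.168.1.1", "255.255.255.0", used))
    # The factory static address quoted in the guide is outside this LAN.
    print(same_subnet("192.64.0.0", "192.168.1.1", "255.255.255.0"))
```

On a subnet smaller than a /24 the offset of 100 may not exist at all, in which case the function raises instead of returning an address outside the network.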

Once you know what IP address to set your device to, you will need the password of the device to set it.
By default the password is 12345 for Hikvision devices.

For a quick overview of what you should see in SADP, check the image below. In the example the IP address is 192.168.1.212; this is because we have a variety of different cameras and devices on our network.

Once all this is set up, your cameras or NVR will be properly configured with your Local Network. You should be able to go into your browser and type in the IP address of the camera/NVR, and it will come up with a log in page.

Getting everything to work in the app


First of all, head to the Play Store, as you need to install the iVMS4500 Android app. Once you have downloaded the app, go ahead and launch it.

The first time you start up the app you will have to go through a small tutorial, which will show you a variety of cameras in China. Once the tutorial is over, tap the menu tab in the top right corner of the app and then tap the devices tab. From here there will be a plus sign in the top right-hand corner. Tap this to add your Hikvision device.

When you click the plus button you will see the following screen (minus some information I have already entered). I will explain the options further below.

Alias - what you want to call the device you're adding. Useful for organisation. The alias is exclusive to the app, and doesn't change any actual camera settings.

Register mode - Set this to IP/Domain to add the device via its IP address properly.

Address - The IP address of the device goes here

Port - usually leave this the same.

Username - admin
Password - 12345

Camera no. - Ignore this part, it will change depending on what device you are adding.

Tap the floppy disk icon to save the device.

Now go back, you will return to the devices tab. Uncheck the "Hangzhou, China" device, and check the device you added. From here click live view and you are ready to view your cameras on your local network.

From this point onwards, you will be able to view your Hikvision device on your Android device, as long as you are on the same network.

Port-Forwarding, and accessing your devices from anywhere

If you want to access your cameras or NVR remotely (from anywhere), you will need to have the device's ports forwarded. Port-forwarding is different for each router, but the ports that must be opened remain the same. For more information on port-forwarding, and a guide on how to set up your specific router, please head to http://portforward.com/.

When port forwarding a Hikvision camera, the ports that should be opened are

Port 80 - HTTP Protocol
Port 8000 - Client Software Port
Port 554 - RTSP Port
Port 1024 - 3G/4G Port, for access via a 3G or 4G mobile connection

Once you have successfully port forwarded your Hikvision device, follow the steps above, relevant to the OS you're using, and then insert the port-forwarded address of the device where the IP option goes.

This view may be slightly choppier; it depends on the speed of your current internet connection.
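Forwarding these ports puts the camera's services on the public internet, which is the condition behind the Canon incident described earlier when default credentials are left in place. The following is an added example, not part of the original guide or of any vendor tool: an audit of a router's port-forward table that reports which of the listed camera ports are reachable, from where, and whether the device behind them still has the factory password. The rule table, the camera inventory and the severity labels are constructed assumptions.

```python
import ipaddress

# Ports the guide lists for a Hikvision device.
CAMERA_PORTS = {80: "HTTP", 8000: "client software", 554: "RTSP", 1024: "3G/4G"}

# Constructed sample data (assumption, not exported from a real router):
# (external port, internal host, internal port, allowed source CIDR)
SAMPLE_RULES = [
    (80,   "192.168.1.100", 80,   "0.0.0.0/0"),
    (8554, "192.168.1.100", 554,  "0.0.0.0/0"),       # remapped RTSP
    (8000, "192.168.1.101", 8000, "203.0.113.0/24"),  # source-restricted
    (3389, "192.168.1.20",  3389, "0.0.0.0/0"),       # not a camera
]
# Constructed inventory: camera host -> True if the factory password was changed.
SAMPLE_CAMERAS = {"192.168.1.100": False, "192.168.1.101": True}


def audit_forwards(rules, cameras):
    """Flag forwards that reach a camera service port, keyed on the internal
    port so a remapped external port (8554 -> 554) is still caught."""
    findings = []
    for ext_port, host, int_port, source in rules:
        if host not in cameras or int_port not in CAMERA_PORTS:
            continue
        net = ipaddress.ip_network(source)
        internet_wide = net.prefixlen == 0
        if internet_wide and not cameras[host]:
            severity = "critical"   # reachable by anyone, factory password
        elif internet_wide:
            severity = "high"
        else:
            severity = "medium"
        findings.append({
            "host": host,
            "external_port": ext_port,
            "service": CAMERA_PORTS[int_port],
            "source": str(net),
            "severity": severity,
        })
    return findings


if __name__ == "__main__":
    for f in audit_forwards(SAMPLE_RULES, SAMPLE_CAMERAS):
        print(f"{f['severity']:8} {f['host']} {f['service']} "
              f"via external port {f['external_port']} from {f['source']}")
```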

Q. What is the driving issue behind the National Defense Authorization Act (NDAA), formerly known as HR5515?
A. Cybersecurity concerns. In particular, cybersecurity of telecommunications and video surveillance products from specific companies that have deep relationships with a “covered foreign country” government, the People’s Republic of China.

Q. The named companies that are banned by the NDAA are based in China. Does the NDAA ban all video surveillance and telecommunications products and components made in China?
A. No. The NDAA does not ban all products and components that are designed or manufactured in China.
As per NDAA Section 889, f – definitions, 3 – Covered Telecommunications [and Video Surveillance] Equipment or Services, items A through D call out specifically-named companies “that the Secretary of Defense, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, believes to be an entity owned or controlled by, or otherwise connected to, the government of a covered foreign country [The People’s Republic of China]”.
Hence, the NDAA does not ban products manufactured in China by companies that are headquartered and owned by entities that are not based in China.