Britain’s vast network of CCTV cameras is vulnerable to hacks watchdog warns
Image credit: DT
Britain’s network of CCTV cameras are vulnerable to attack by hackers according to a watchdog.
Surveillance camera commissioner Tony Porter flagged up the possible risk of intrusion on the public by “individual and state actors”.
He pointed to a major cyber incident in Washington DC in January 2017, in which more than 100 cameras were infected with ransomware.
The UK currently holds the record for the largest number of CCTV cameras per person. Although it only contains 1 per cent of world's population, its citizens are watched by 20 per cent of the world’s CCTV cameras. Research in 2013 estimated that there are up to six million cameras in the UK, and the network is expected to expand even further.
“The risk potential for intrusion on citizens has significantly increased both by lawful operators of surveillance camera systems and those individual or state actors who seek to hack into systems,” Porter said. “Cyber security has moved to the top of the security agenda.”
Publishing his annual report for 2016/17, Porter said surveillance cameras are not always recognised as potential hacking targets.
“As we move from analogue to digital surveillance, most cameras are plugged into corporate IT networks. If your camera is not suitably protected you are potentially opening up a back door for organisations that choose to hack."
“What we are saying is that cameras are potentially your vulnerable point. You must ensure that you apply the same level of IT security to your cameras as you do to your mainframe.
“There is a whole host of areas where data could be accessed through insecure surveillance networks," he continued. “I am concerned at the incrementally intrusive development of surveillance cameras in the everyday lives of citizens.”
The assessment also called for the Automatic Number Plate Recognition (ANPR) system to be placed on a statutory footing.
ANPR is one of the largest non-military databases in the UK, with around 9,000 cameras nationally that capture between 25 million and 40 million pieces of data per day, while up to 20 billion “read” records are held.
Porter described this activity as “formidable”, saying: “The nature of its capabilities to intrude on privacy by building patterns of travel and the provision of imagery should not be underestimated.
“I firmly believe that this system needs legislative oversight and that the Government should place this system on a statutory footing.”
The watchdog noted that arguments have been advanced that the number of manufacturers of number plates should be limited, but suggested that a system of stricter controls may be needed, similar to the production of driving licences and passports.
A Home Office spokesman said: “Automatic number plate recognition gives police vital evidence to protect the public. There are strict rules in place for how the ANPR database can be used and who can access it."
“The Surveillance Camera Code of Practice sets out clear rules to be followed to guard against unauthorised access and use of surveillance cameras.”