Hanwha Vision's Commitment to Cyber Security
Cyber Security by Design
Our cyber security strategy places cyber-attack protection as a fundamental feature of our video surveillance products and solutions. This is taken into account right at the start of the design process, not purely treated as yet another of a long list of useful features.
Prompt Security Vulnerability Response
Wisenet products come with secure pre-configured passwords which users are required to change after setup. These come with minimum mandatory and auto-enforced password protocols, such as prohibiting the consecutive use of the same character and encouraging the use of special characters.
Compliance with international regulations and standards
Using an intentionally created ‘back door’ to gain access to a camera, recorder or network creates opportunities for cyber attacks to take place. Hanwha Vision recognised this as far back as 2012, when we removed a function used for remote customer support that had the potential to enable hackers to exploit it.
NVR Vulnerability Notice
Vulnerabilities have been found in third party technology used on Wisenet recorders with a P2P connection. Download for more information on FW updates and affected products.
Wisenet7
Hanwha Vision’s most powerful chipset to date
With the recent introduction of its new proprietary chipset, Hanwha Vision can yet again claim to set a new standard for IP network video surveillance solutions. The ground-breaking Wisenet7 chipset boasts an impressive list of technologies that are designed to significantly improve the cyber security credentials of Wisenet cameras.
Wisenet cameras equipped with the Wisenet7 not only have achieved UL CAP certification, but they also meet the Secure by Default standard and are NDAA compliant.
- UL CAP Certification
- Secure by Default Certification
- Secure Boot Verification
- Secure OS
- Secure JTAG
Related Products
Secure by Default
Secure by Default
Hanwha Vision is committed to keeping end-user clients’ data safe by doing its utmost to counter the risk of a cyber-attack. The latest generation of Wisenet products and solutions are designed, developed and manufactured with the Secure by Default standard in mind and with a view to assisting users to comply with GDPR. This means that we ensure our surveillance products are cyber and network secure by default, out of the box.
The Secure by Default standard stipulates the following measures:
- Installers should be forced to change the manufacturer’s default password on boot up.
- There should be a strength indicator or ‘weak password not accepted’ facility.
- The device must not have hidden user accounts.
- The device must not have hardcoded account passwords.
- Manufacturers must not be able to assist users recovering lost/forgotten device passwords.
Cyber Security team (S-CERT)
Hanwha Vision recognises the importance of being open and honest with customers when we identify new cyber security threats. We are determined to move quickly to update our firmware to combat them, with the help of our in-house, who are entirely focused on addressing any potential security vulnerabilities in our Wisenet products and solutions. S-CERT team members have been carefully hand-picked for their expertise in being able to identify, analyse and quickly respond with effective countermeasures to any cyber security threat.
Fast Response to Security Vulnerabilities
Found a potential vulnerability? Contact our dedicated Cyber Security team
GDPR
Our Wisenet cameras, recording devices and video management software (VMS) are equipped with features and functions that are able to prevent confidential data from being accessed, copied or tampered with, providing system integrators and end-users with peace of mind knowing that their video surveillance systems comply with the General Data Protection Regulation (GDPR).
Hanwha Vision also provide support for the S-COP video masking software application, developed by our technology partner, VORA Systems. This enables security personnel to quickly and easily redact faces from video in order to protect a person’s right to privacy.
NDAA
Compliance
There are a growing number of acronyms that are regularly used to describe the attributes of video surveillance products, especially with regard to cyber security, but one which may not be on the radar of European installers and integrators is NDAA. While it is a US-based initiative, it still is of importance to many European businesses. The reality is users are looking to the regulations to identify trusted partners for future projects. Additionally, businesses with US-based headquarters may be advised by the parent company to avoid blacklisted manufacturers to ensure higher levels of security.
