1. CS155 Computer And Network Security
Answer:
The development of the Internet of Medical Things (IoMT) has brought about a major
change in the way conditions are managed; improved disease diagnosis and therapy
approaches, and healthcare costs and mistakes are reduced. Both consumers and all
frontline health practitioners have seen a significant improvement in the quality of
treatment as a result of this move. Security and privacy breaches are still a concern for the
IoMT because of the large range of IoMT suppliers and products on the market, along with
an enormous number of devices transferring sensitive medical data wirelessly into the
cloud. This might be used to collect and resell confidential information about a consumer.
The catalog's main purpose is to standardize how each known vulnerability or exposure is
defined. This is a critical aspect since security professionals may easily obtain technical
attention on a certain danger from a number of CVE-compatible sources with conventional
IDs.
Device 1: Security Camera
1-2 Brief Paragraphs Of Background Information About The Device
A user may receive and control messages and pictures through the internet using an IP
camera. Unlike classic CCTV cameras, which need a local tape recorder to record, IP cameras
just require a local area network to be used for monitoring. However, the terms "IP camera"
and "netcam" are regularly used to refer to cameras that can be watched through a network
connection and are frequently employed for surveillance (Davis, Mason & Anwar, 2020).
Most IP cameras need the assistance of a central network video recorder to record, capture
pictures, and monitor alerts (NVR). Webcams record in real time to any local or remote
storage device, therefore they may be programmed to run in a monitored mode without the
need of a network video recorder (NVR).
CVE ID (The Number Portion Of A CVE Entry, For Example, "CVE-1999-0067") And
Description Of The Known Vulnerability
CVE-2022-20033
CVE-2019-19299
CVE-2017-8221
2. There have much vulnerability in security cameras, cameras and motion detectors, as well
as webcams, are hacked due to a lack of basic security measures, the use of default settings
and easy passwords, and CCTV security hacking programmes.
Description Of Possible Solutions Or Resolutions Of The Vulnerability
Users must be aware of the resources accessible to them as well as any known
vulnerabilities in order to keep IP security cameras secure. Solution for vulnerability -
Inside the firm, organise and divide the network. Separating video surveillance and
telecommunications networks not only saves money, but it also reduces the risk of a
security compromise.
If the user hasn't already done so, set up a firewall as soon as possible.
Each device should have a password that is unique, long, and difficult to guess. This is a
must-have feature if the port forwarding mechanism is activated. If the system uses a VPN, a
single strong password will suffice for all camera systems (Davis, Mason & Anwar, 2020).
Every 90 days, at the very least, you should update all of your passwords.
Assist in the creation and execution of cybersecurity policies and guidelines.
All staff that will have access to the surveillance system will need to get additional safety
and security training.
Allow for two-factor or multi-factor authentication.
Your recommendation to the hospital including whether the organization should avoid
using the product or what alternative solutions should be used.
I recommend security camera to the hospital, if all possible solution of security camera is
followed then it is not easy to hack. Doing so will make it easier for the hospital authorities
to keep an eye on everyone.
Device 2: Smart Doorbells
1-2 Brief Paragraphs Of Background Information About The Device
The system is linked to the internet and sends an alert to the homeowner's smartphone or
another electrical device when a client approaches the front door. In response to the user
pressing the doorbell tab or, in the alternative case, when the doorbell identifies the user
using its built-in motion detectors, it stimulates the user. Property owners may monitor and
communicate with visitors with the smart doorbell's built-in high-definition infrared sensor
and microphone doorbell, which can be accessed through a mobile application on their
smartphone (Alharbi & Aspinall, 2018). Participants may also remotely open the gates using
a smart lock with a number of additional smart door bells available on the market.
CVE ID (The Number Portion Of A CVE Entry, For Example, "CVE-1999-0067") And
Description Of The Known Vulnerability
3. CVE-2021-25522
CVE-2021-41427
CVE-2021-41426
Hackers may have gained access to the Ring Doorbell's Wi-Fi enabled devices credentials,
giving them access to the Ring Doorbell's network and maybe other equipment. According
to cybersecurity specialists, Ring Doorbell Pro detectors have received a software update to
solve the issue. According to the security company, Amazon's doorbell, which would be
managed and pushed by the tech giant, provided plain text Wi-Fi passwords or unencrypted
text when it contacted the network (Davis, Mason & Anwar, 2020). This weakness might
allow attackers within the region to learn Wi-Fi credentials and perhaps gain access to
other networked devices.
Description Of Possible Solutions Or Resolutions Of The Vulnerability
Possible Solutions Of The Vulnerability:-
Make sure doorbell's firmware is up to date - Manufacturers of Wi-Fi doorbells will install
and update the camera in the same way that they do with applications, websites, and other
network devices to solve faults and vulnerabilities. When a new position for a product
becomes available, security starts with an instant firmware upgrade.
Protect the router - Most consumers forget to change the router's default password while
using a modem, putting their security at risk. Many hackers get access to the connected
system by bypassing the router. Change the default password in the router's settings menu.
Ascertain that the router's browser admin page is not accessible from the Internet (Davis,
Mason & Anwar, 2020).
Secure the communication network's integrity- The internet network is applicable to the
home Wi-Fi if consumers have a video doorbell camera installed at their residence. The
most effective thing a user can do is to set up a separate connection for the doorbell camera
or video security system.
Your recommendation to the hospital including whether the organization should avoid
using the product or what alternative solutions should be used.
I recommend the doorbell at the hospital; it is not easy to hack if all the security measures
are taken. It alerts the occupant to the presence of the visitor and protects privacy in
workplace of the hospital authorities.
References
Alharbi, R., & Aspinall, D. (2018). An IoT analysis framework: An investigation of IoT smart
cameras' vulnerabilities.
4. Ali, B., & Awad, A. I. (2018). Cyber and physical security vulnerability assessment for IoT-
based smart homes. sensors, 18(3), 817.
Davis, B. D., Mason, J. C., & Anwar, M. (2020). Vulnerability studies and security postures of
IoT devices: A smart home case study. IEEE Internet of Things Journal, 7(10), 10102-10110.
Davis, B. D., Mason, J. C., & Anwar, M. (2020). Vulnerability studies and security postures of
IoT devices: A smart home case study. IEEE Internet of Things Journal, 7(10), 10102-10110.