Reset

Hikvision Senior Cybersecurity Director on US IoT Cybersecurity Improvement Act Becoming Law

February 2, 2021

Hikvision HikWire blog article Senior Cybersecurity Director on US IoT Cybersecurity Improvement Act Becoming Law

Protect Your IoT Devices with 3 Hikvision Tips to Address IoT Vulnerabilities

 

An important step toward securing the Internet was achieved on December 4, 2020, when President Trump signed an IoT (Internet of Things) security bill into law. The Internet of Things Cybersecurity Improvement Act of 2020 has been in the works since 2017 and was passed by the U.S. House of Representatives in September 2020 and by the U.S. Senate in November 2020.

The bi-partisan team that backed the IoT bill included Reps. Robin Kelly (D-Ill.) and Will Hurd (R-Tex.), and Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.), and was backed by multiple tech companies, including BSA (The Software Alliance), Cloudflare, CTIA, Mozilla, Rapid7, Symantec, and Tenable, according to SecurityWeek.

This new IoT security law calls for the National Institute of Standards and Technology (NIST) to publish within 90 days, a set of “standards and guidelines for the federal government on the appropriate use and management by agencies of Internet of Things devices owned or controlled by an agency and connected to information systems owned or controlled by an agency, including minimum information security requirements for managing cybersecurity risks associated with such devices.” This includes but is not limited to secure development, identity management, patching and configuration management.

The law also requires the U.S. Office of Management and Budget (OMB) to publish recommendations within 180 days, based on the NIST publication and consultation with cybersecurity researchers and private sector industry experts.

It is not just the federal government who is looking to fix this problem with legislation. According to BTB Security, “A growing number of state legislatures are concerned about the lack of security posed by Internet-of-Thing (IoT) devices. California was the first to pass a law mandating better IoT security in 2018 and Oregon has followed suit this year while Illinois, Kentucky, Massachusetts, Maryland, New York, Rhode Island, Vermont and Virginia are considering similar legislation.”

Legislation is an important step in securing the rapidly growing number of IoT devices on the Internet. The risk of unsecured IoT devices is not news. In 2019, Hikvision’s senior director of cybersecurity, Chuck Davis, called for IoT standards and legislation in an Enterprise Security magazine article called “Attack of the Light Bulbs.” Poorly secured IoT devices continue to be one of the greatest threats to the Internet and our collective digital security. According to Statista, there will be more than 75 billion IoT connected devices in use by 2025.

Tips to Address IoT Vulnerabilities

3 Tips to Better Protect Your IoT Devices
If you own IoT devices, here are a few tips you can follow to better secure and protect your devices and your network.

  1. Ensure that your IoT devices are regularly patched. You might have to do this manually for some devices that do not have automatic updates.
     
  2. Make sure your IoT devices are behind a firewall. Port forwarding means that the device is directly accessible from the Internet and it will be attacked.
     
  3. Put IoT devices on a separate network in your home or office. To do this, follow the recommendations to address potential vulnerabilities in the Hikvision article, “Cybersecurity at Home: Hikvision Cybersecurity Director Talks Network Security and Network Segmentation.”

IMPORTANT! This model requires non-standard firmware. Do Not Install standard firmware (e.g. v.4.1.xx) on this model. Doing so will permanently damage your system. You must use custom firmware v.4.1.25 from the iDS-9632NXI-I8/16S product page.

View the most updated version of this document here:

https://techsupportca.freshdesk.com/en/support/solutions/articles/17000113531-i-series-nvr-firmware-upgrade-instructions

 

The I-series NVR (such as the DS-7716NI-I4) is one of Hikvision's most popular and feature-rich recorders. As such, many firmware revisions have been introduced over the years to continually ensure the product is compatible with the newest technology available. Due to the many revisions, we recommend that the user closely follows the instructions below in order to reduce the amount of time spent as well as the chance of failure.

 

Database Optimization and Repair

As more affordable IP cameras are introduced over time with greater video resolution and data sizes, more efficient database management also becomes necessary. The introduction of firmware v4.0 brought about a new database architecture in order to be futureproof.

 

After upgrading to v4.X, the recorder database will need to be converted and optimized. If you are experiencing issues where playback is expected but not found, make sure "Database Repair" is performed as indicated in the procedures and scenarios below.

 

Preparing the Upgrade

Before proceeding with upgrade, it is recommended that NVR configuration file is exported from the NVR over the network or on to a local USB drive.

 

Upgrading from v3.4.92 build 170518 or Older

  1. All recorders must reach v3.4.92 before proceeding further. Upgrading from versions before v3.4.92 directly to any version of v4.X will likely cause the recorder to fail.
  2. If the recorder is already at v3.4.92, a full factory default is highly recommended before upgrading to any version of v4.X. There is a high chance of unit failure (requiring RMA) if the unit is not defaulted before upgrade.
  3. After reaching v3.4.92 and performing a full factory default, an upgrade directly to v4.50.00 is acceptable.
  4. After the upgrade is completed and the recorder is reprogrammed, it may be beneficial to perform a Database Repair. For details, refer to the section "Database Optimization and Repair" above.
  5. To verify repair progress, you may refer to the HDD status, or search the recorder log for repair started and stopped entries. Note that while the HDD is repairing, new recordings are still being made, but some existing recordings may not be searchable until repair is complete.
  6. If you continue to observe playback issues after database repair, ensure there are no power, network, or motion detection issues. Should the problem persist, contact technical support.

 

Upgrading from Any v4.X Build to v4.50.00.

  1. Any v4.X build can be upgraded directly to v4.50.00.
  2. Export configuration is highly recommended before performing the upgrade.
  3. If upgrading from any v4.X version that was not v4.22.005, a Database Repair is recommended. Refer to Step 4 and onwards in the previous section.

 

Downgrading

Downgrading is not recommended. Due to new features and parameters constantly being added, downgrading may cause the NVR to factory default itself or require a manual default to operate properly.

By downloading and using software and other materials available via this website, you agree to be legally bound by HIKVISION General Terms of Use . If you don’t agree to these terms, you may not download or use any of those materials.

If you are agreeing on behalf of your company, you represent and warrant that you have legal authority to bind your company to the General Terms of Use above. Also you represent and warrant that you are of the legal age of majority in the jurisdiction in which you reside (at least 18 years of age in many countries).