Reset

March Madness Targeted by Cybercriminal Phishing Attacks, Creates Security Concerns

March 27, 2019

Hikvision Helps Partners and Employees Identify Phishing Attacks, Reduce Risk of Being Hacked

Hikvision Helps Partners and Employees Identify Phishing Attacks, Reduce Risk of being hacked

 

In the SecurityInfoWatch.com (SIW) article, “March Madness Signals Opening of Phishing Season,” the magazine’s editorial director, Steve Lasky, discusses an increase in hacking attacks and rising security concerns during the popular basketball NCAA March Madness season, as cybercriminals increase attempted phishing and malware schemes.

From the article: “Why are the warnings of tournament hoop hack-attacks almost as ubiquitous as the next NCAA basketball coaches’ scandal? Simple, because as much as the average Joe or Jane professes confidence in spotting a phishing attack, they usually can’t.”

March Madness is a time where co-workers, friends, and family create pools and compete with one another in predicting the most accurate NCAA basketball tournament bracket, according to the article.

“Typically, an organizer will send out links from a sports-centric website to the interested participants to allow them to join a group. This creates a situation where the participant may be unaware of the authenticity or safety of the website for the link sent by the organizer, making their personal data vulnerable to cross-site scripting attacks, hidden redirects, and website forgery. Participants should be cautious of shortened URLs which can redirect them to a malicious website that may look to steal their personal information,” said Mike Banic, VP of marketing at Vectra, in the article.

The article added that these cyberattacks work because most companies do not educate employees on how to detect them. The article offers several tips to recognize and avoid a phishing email, including:

  • Ignore emails to join tournaments from sites or groups that you weren’t explicitly requested to join.
  • Go directly to the website of the tournament bracket instead of clicking a webpage or email link. “It’s less convenient, but typing in the site into your browser reduces the chance that you’ll be rerouted to a fake website or worse, that malware gets loaded on your system,” said the article.

To read more tips from SIW, click here.

 

How to Identify Phishing Attacks, Two Steps to Reduce Risk of Phishing Attack

 

In the HikWire blog, “Hikvision’s Director of Cybersecurity Outlines Examples of Phishing,” Hikvision’s Chuck Davis outlines common malware attacks using phishing.

From the article: “Phishing attacks have long been an effective way for attackers to trick people into divulging sensitive information or infecting a system with malware. Malware can give an attacker remote access to protected systems and networks, encrypt a user’s data, and charge a ransom to decrypt the data, or use that system as part of an attack against other systems.”

In “Email Phishing Examples Part II,” Davis provides two steps to reduce the risk of phishing attacks. Below is an excerpt from the article.

While it is increasingly difficult to identify a well-crafted phishing email, there are some steps that can be taken to reduce the risk of falling victim to a phishing attack.

  1. Look carefully at the email headers. Check the "From" and "To" fields for anything suspicious. While we already stated that these can be spoofed, they can also be a good first indicator of a suspicious email. Here is how to check the full email headers in Gmail: https://support.google.com/mail/answer/29436?hl=en
  2. Hover over links and be sure to read the entire URL. When you hover over a link, notice if the website link is different than the listed URL. Also inspect the entire URL from the first forward slash, back to the left, to see where that link is actually going. For example, http://www.google.com.search.us/query.html is actually going to a server called "search.us," not google.com. Again, this can be spoofed in some cases but it’s a good indicator of how phishing links can appear to be sites we trust.

 

IMPORTANT! This model requires non-standard firmware. Do Not Install standard firmware (e.g. v.4.1.xx) on this model. Doing so will permanently damage your system. You must use custom firmware v.4.1.25 from the iDS-9632NXI-I8/16S product page.

View the most updated version of this document here:

https://techsupportca.freshdesk.com/en/support/solutions/articles/17000113531-i-series-nvr-firmware-upgrade-instructions

 

The I-series NVR (such as the DS-7716NI-I4) is one of Hikvision's most popular and feature-rich recorders. As such, many firmware revisions have been introduced over the years to continually ensure the product is compatible with the newest technology available. Due to the many revisions, we recommend that the user closely follows the instructions below in order to reduce the amount of time spent as well as the chance of failure.

 

Database Optimization and Repair

As more affordable IP cameras are introduced over time with greater video resolution and data sizes, more efficient database management also becomes necessary. The introduction of firmware v4.0 brought about a new database architecture in order to be futureproof.

 

After upgrading to v4.X, the recorder database will need to be converted and optimized. If you are experiencing issues where playback is expected but not found, make sure "Database Repair" is performed as indicated in the procedures and scenarios below.

 

Preparing the Upgrade

Before proceeding with upgrade, it is recommended that NVR configuration file is exported from the NVR over the network or on to a local USB drive.

 

Upgrading from v3.4.92 build 170518 or Older

  1. All recorders must reach v3.4.92 before proceeding further. Upgrading from versions before v3.4.92 directly to any version of v4.X will likely cause the recorder to fail.
  2. If the recorder is already at v3.4.92, a full factory default is highly recommended before upgrading to any version of v4.X. There is a high chance of unit failure (requiring RMA) if the unit is not defaulted before upgrade.
  3. After reaching v3.4.92 and performing a full factory default, an upgrade directly to v4.50.00 is acceptable.
  4. After the upgrade is completed and the recorder is reprogrammed, it may be beneficial to perform a Database Repair. For details, refer to the section "Database Optimization and Repair" above.
  5. To verify repair progress, you may refer to the HDD status, or search the recorder log for repair started and stopped entries. Note that while the HDD is repairing, new recordings are still being made, but some existing recordings may not be searchable until repair is complete.
  6. If you continue to observe playback issues after database repair, ensure there are no power, network, or motion detection issues. Should the problem persist, contact technical support.

 

Upgrading from Any v4.X Build to v4.50.00.

  1. Any v4.X build can be upgraded directly to v4.50.00.
  2. Export configuration is highly recommended before performing the upgrade.
  3. If upgrading from any v4.X version that was not v4.22.005, a Database Repair is recommended. Refer to Step 4 and onwards in the previous section.

 

Downgrading

Downgrading is not recommended. Due to new features and parameters constantly being added, downgrading may cause the NVR to factory default itself or require a manual default to operate properly.

By downloading and using software and other materials available via this website, you agree to be legally bound by HIKVISION General Terms of Use . If you don’t agree to these terms, you may not download or use any of those materials.

If you are agreeing on behalf of your company, you represent and warrant that you have legal authority to bind your company to the General Terms of Use above. Also you represent and warrant that you are of the legal age of majority in the jurisdiction in which you reside (at least 18 years of age in many countries).