Information Technology

Security is imperative for companies to deter trespassers and would-be thieves and to protect valuable equipment crucial for businesses to operate successfully.  A robust setup with cameras, sensors, and night vision can take the pressure off security teams and give business owners peace of mind out-of-hours. Luckily for organizations, the emergence of the Internet of Things (IoT) technology, mobile connectivity, apps, and cloud technologies has radically changed the security landscape and made it easier than ever to set up multi-room and on-premise systems. The possibilities are endless: cloud or local feed storage, customizable or automatic alerts and alarms, smartphones and tablet connectivity, wired or wireless, battery-powered or mains options, video capture, night vision, audio feeds of varying quality, and the ability to check-in, in real-time, are all on offer and can be tailored depending on the requirements of your business.  To make navigating the variety of hardware and vendor ecosystems available to today’s company owners less of a challenge, we have assembled our top ten picks for businesses. 

Ring Stick Up Cam Solar

Best home security camera

Ring

Once the case, heavy-duty, wired surveillance systems were the only options available to protect a business premise. Times have changed, and with the explosion in mobile solutions and the increased bandwidth offered by broadband and 4G/5G, there are mobile-friendly options for SMBs seeking a budget-conscious security option.  The benefit of the Ring camera range, including indoor, outdoor, stick-up, and floodlights, lies within its flexibility. Each camera can be connected to the same account and accessed via smartphone, alerting users to motion from all areas.  Of particular note are Stick Up Cams, which can be placed inside or outdoors and on flat surfaces or walls. Battery and wired options are available, as well as devices that come with a solar panel and backup battery pack. The Spotlight and Floodlight models, too, are of interest given their inbuilt security sirens.  As there are a variety of different cameras users can pick from, a mix-and-match set up to protect a premise is possible.ProsFlexible and quick setupsProfessional monitoring availableBolt-on ecosystem additions available, including outdoor camerasConsLong shipping timeMultiple camera costs are high

Google Nest Cam

Discreetly keep an eye out for intruders outside of hours

Nest

Google Nest cameras will be of interest to business owners already in the Nest ecosystem — including users of the Nest Thermostat, Nest CO2 alarms, as well as Nest X Yale Locks. The Nest Cam Indoor and Outdoor cameras are mobile options for on-premise security. They are best suited for budget-friendly users that need basic security measures in place. The cameras can record footage in 1080p HD, and when it comes to the outdoor version, this quality is maintained at night through infrared LEDs. You can pick up battery or wire-powered options. Both versions have inbuilt speakers and will alert users via their mobile devices if suspicious activity or visitors are detected by motion and noise sensors. Once the app has been installed, and an account has been set up, monitoring begins.  Subscriptions vary.ProsEasy setupMobile device monitoring and accessFlexible optionsConsExpensive for single cameras

Wyze Cam v3

Best budget security camera

Wyze

If you want to dip a toe into the world of IoT and intelligent home security devices, you may want to consider the Wyze Cam v3, one of the most affordable options on the market today.The Wyze Cam v3 is a $35 internet-connected camera offering 1080p recording, IP65 quality for indoor or outdoor use, a CMOS sensor designed to improve nighttime vision, a siren, and two-way communication.The camera can be part of a wider Wyze security ecosystem, including outdoor cameras, motion sensors, leak sensors, keypads, and entry monitors. ProsAdditional security products on offer to create a wider security networkSmall, compact designBudget-friendlyConsLimited cloud storage included unless subscribed

Arlo Pro 4

Wireless monitoring for the workplace

Arlo

Another option is the Arlo Pro 4. This slimline, business-ready option can be used either in or outdoors, being a weather-resistant model with a variety of mounting options that can detect both sound and motion. The Arlo Pro 4, available in black or white, can work as a day-to-day camera on the shop floor; a discreet camera placed outside to act as a night watchman, or as a part of a full network of cameras in a large workplace. A spotlight to improve low-light recording is included alongside object scanning and detection.Arlo’s camera is compatible with Amazon Alexa, Google Assistant, and Apple HomeKit. Users will receive real-time alerts whenever motion or sound is detected, and footage is captured in up to 2K HDR resolution. The vendor has also implemented Activity Zones which can be set to reduce unwanted or nuisance notifications.ProsSix months of battery lifeMagnetic mountsConsAn Arlo Secure subscription is required for premium features 

SimpliSafe security systems

Best for small homes and apartments

SimpliSafe

SimpliSafe is another worthy addition to our list and would suit users who need a flexible solution for smaller homes and apartments. SimpliSafe is a Wi-Fi-connected security solution backed by real-time monitoring in remote centers. While wired, in the case of a blackout, devices in the SimpliSafe range have backup batteries. The basic ‘Essentials’ package, starting at $219, includes a base station, keypad, three entry sensors, and one motion sensor. A free HD camera is also included in the bundle at the time of writing.Other packages and bolt-on options include panic buttons, freeze and water sensors, smoke detectors, and sirens. ProsNo drilling requiredStylish, discreet designConsExpensive 

What is the best home security camera?

The Ring Stick Up Cam Solar is the best home security camera, offering an exceptional product at an affordable price. We loved the easy setup, professional monitoring, and the entire range of Ring security products.

How did we choose these security cameras?

The requirements of home and business security cameras vary: the average consumer may lean toward an easy-to-install, budget-conscious product, whereas a company may be more inclined to invest in a more powerful alternative to protect valuable assets. In each case, we have considered as many aspects of a security system as possible, including recording capabilities, environmental use, and cost — both upfront and due to ongoing subscriptions.

Which is the right security camera for you?

When you are selecting your home security camera, you should consider the pain points at home or at your business location. What areas are the most important when it comes to monitoring? What assets do I need to protect? When might my home or premises be most vulnerable?If you’re working from home, for example, you might forgo constant video capture and a subscription, settling instead for clips and the ability to check-in while you’re away. However, if there is valuable stock in an office that is shut at night, you might pivot toward an option including night vision and constant video/audio feeds.Security cameraPricePower sourceVideoRing Stick Up Cam Solar$149Solar1080p HD, Live View, Night VisionGoogle Nest Cam$100Wired1080p HDWyze Cam v3$36Wired1080p HD, Live View, Color Night VisionArlo Pro 4$180Battery/Solar1080p, Color Night VisionSimpliSafe$270BatteryHD video with Night Vision

Is it necessary to subscribe to a monitoring service?

No, but technology services now — ranging from streaming to IoT — will not usually stop at hardware: revenue models are pivoting to subscriptions, too. If you want constant monitoring and footage to be stored beyond a specific period of time, you may need to sign up.

Will pets trigger alerts on a home security camera?

This was once a common problem with earlier forms of IoT and smart cameras, but vendors are constantly improving false-positive rates through improved object detection and the implementation of features such as ‘activity’ zones. 

Do I have to connect my camera to assistants like Amazon Alexa?

This bolt-on integration is usually added to make products more appealing and for the convenience for users, but you do not need to connect your home security system to anything else in your IoT ecosystem.

Are there alternative security cameras worth considering?

While our top picks have included a variety of functions and uses, the below are still worth consideration.

ZDNet Recommends More

Victims of ransomware attacks are paying higher ransoms than ever before, but there are signs that organisations are starting to take heed of cybersecurity advice, making them more resilient to cyber criminals. According to analysis by cybersecurity researchers at Sophos, the average ransom payment made by victims to choose to pay cyber criminals for a decryption key to restore their files and servers following a successful ransomware attack has increased to $812,260 – an almost five-fold increase compared with the 2020 average of $170,000. And the proportion of victims who pay ransoms of over $1 million has also risen substantially, up from 4% of ransom payments in 2020 to 11% in 2021 – meaning one in ten successful ransomware attacks is providing cyber criminals with a million dollar pay day. According to analysis by Sophos, just under half of ransomware victims pay the ransom, perceiving it to be the quickest way to restore the network – even though decryption keys provided by cyber criminals can’t be trusted and paying a ransom might just show that the victim is an easy target who could be extorted again. Ransomware attacks continue to be successful because cyber criminals can still exploit common cybersecurity vulnerabilities to enter networks and carry out campaigns. But while ransomware is still a major cybersecurity issue, there are signs that the situation could be about to get better.SEE: Cybersecurity: Let’s get tactical (ZDNet special report)”I’m a little optimistic for the first time in years about ransomware – I think we might be at the peak of our worst right now and I’m hoping we start to turn a corner,” Chester Wisniewski, principal research scientist at Sophos told ZDNet, citing how government bodies like the US Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have stepped in in “a meaningful way” to provide accessible and useful advice on how to improve cybersecurity. “The advice they’re giving and the things they’re doing are actually helping – I don’t think enough organisations are listening to them yet, but at least the resources are accessible, approachable and usable, so it’s a good start,” he said In addition to this, cyber insurance providers are demanding better security preparations from companies before issuing policies, while Wisniewski says the US sanctions against Russia following its invasion of Ukraine has had an impact on American businesses which do not want to pay ransoms to cyber criminals who are often working out of that region. “We’re seeing it being a really serious motivator for American companies and insurance companies to not pay ransoms,” said Wisniewski But while there are some encouraging signs, it’s unlikely ransomware is going away anytime soon.  The reason ransomware is so lucrative for cyber criminals is because there are victims who pay the ransoms. And if there are organisations out there who are vulnerable to cyber attacks and are still willing to pay six-figure ransom demands, there’s always going to be ransomware groups trying to exploit this. “I don’t think you’re ever going to deter the hardcore ransomware groups because there’s too much money to be made when they’re getting multi-million dollar hits,” said Wisniewski. “Crooks aren’t going to walk away from that, even if it’s a one in twenty chance – it’s still a million dollars,” he added.  MORE ON CYBERSECURITY More

Bronze President has potentially shifted from Asia to focus on Russia as the invasion of Ukraine continues. Also known as Mustang Panda, TA416, or RedDelta, the Chinese cyberespionage group has been active since at least 2018 and has traditionally focused on gathering intelligence from NGOs, research institutes, and internet service providers (ISPs).

Ukraine Crisis

Past countries and regions on the hit list include Europe, Mongolia, Russia, Vietnam, and South Africa. According to Secureworks Counter Threat Unit (CTU), the group is either “sponsored or at the very least tolerated by the Chinese government” and “appears to be changing its targeting in response to the political situation in Europe and the war in Ukraine.” Recent campaigns have primarily focused on Southeast Asia, with targets infiltrated for “political and economic” data theft and ongoing, long-term surveillance. However, CTU says that Bronze President has now pivoted to Russian speakers alongside European organizations. “This suggests that the threat actors have received updated tasking that reflects the changing intelligence collection requirements of the People’s Republic of China (PRC),” the researchers say. Government-sponsored — or, perhaps, tolerated — cyberattackers are tasked with activities that will benefit their government somehow. This often includes intelligence-gathering, spying, and activities that improve situational awareness, especially in times of conflict. These activities don’t only include ‘enemies’ or ‘hostile’ states — it also extends to who a country considers an ally or friend. CTU suggests that the recent Bronze President shift could indicate “an attempt by China to deploy advanced malware to computer systems of Russian officials.”

ZDNet Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Bronze President is suspected of targeting the Russian military. The team analyzed a malicious executable called “Blagoveshchensk – Blagoveshchensk Border Detachment.exe,” which was disguised with a .PDF icon and heavily obfuscated to hide a downloader for PlugX malware. (The city of Blagoveshchensk is close to the Chinese border and is home to part of the Russian military.)If executed, the file will display a decoy document (written in English, oddly), which describes the refugee situation and EU sanctions. In the background, a downloader grabs PlugX from a command-and-control (C2) server previously tied to campaigns in Europe. PlugX is a Remote Access Trojan (RAT) capable of file exfiltration, executing remote command shells, establishing a backdoor, and deploying additional malicious payloads. Bronze President has a wide range of tools, including Cobalt Strike, the China Chopper backdoor, RCSession, and ORat, at its disposal. In March, ESET said the group was taking advantage of the war to spread a new Korplug/PlugX RAT variant, dubbed Hodur, via Ukraine & Russia-themed phishing campaigns. In other cybersecurity news related to Russia and Ukraine, Aqua Security has been tracking the use of cloud repositories by those on both sides of the conflict. The researchers found that 40% of public repositories with descriptions or names linked to the invasion, including tools and guides, promoted denial-of-service (DoS) activities “aimed at disrupting the network traffic of online services.” See alsoHave a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More

Written by

Chris Duckett, APAC Editor

Chris Duckett
APAC Editor

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Full Bio

Chinese drone maker DJI dropped a quick note on Tuesday to state it was suspending operations in Russia and Ukraine. “DJI is internally reassessing compliance requirements in various jurisdictions,” the note said. “Pending the current review, DJI will temporarily suspend all business activities in Russia and Ukraine. We are engaging with customers, partners and other stakeholders regarding the temporary suspension of business operations in the affected territories.” A week earlier, the company said it deplored any harm caused by the use of its products, particularly militarily. DJI said it produces products for consumers, and is “unequivocally opposed” to attempts that mount munition on its drones and has refused customisations for military use. “DJI believes strongly in these principles. Our distributors, resellers, and other business partners have committed to following it when they sell and use our products,” it said. “They agree not to sell DJI products to customers who clearly plan to use them for military purposes, or help modify our products for military use, and they understand we will terminate our business relationship with them if they cannot adhere to this commitment.” In March, Ukrainian Vice Prime Minister and Minister of Digital Transformation Mykhailo Fedorov accused Russia of using DJI drones to kill children, and called on DJI to block products being used in Ukraine that were not brought there, and to block drones purchased and activated in Russia, Syria, and Lebanon. Related Coverage More

Google has commenced the roll out of its new data safety section for Android users on the Play Store. The new section will require app developers to inform users on how they collect data, who has access to that data, and what data is collected.Further information available to users will include whether the developer has qualified their security practices against a global security standard, whether the app has committed to follow Google Play’s Families Policy, and more granular details relating to an app’s security practices such as whether users can ask for data to be deleted. Google will also require developers revise their data safety section when updating the functionality or data handling practices of their apps.  “We heard from users and app developers that displaying the data an app collects, without additional context, is not enough. Users want to know for what purpose their data is being collected and whether the developer is sharing user data with third parties,” the company said in a blog post.”In addition, users want to understand how app developers are securing user data after an app is downloaded. That’s why we designed the data safety section to allow developers to clearly mark what data is being collected and for what purpose it’s being used. Users can also see whether the app needs this data to function or if this data collection is optional.”Although the roll out of the new section has already commenced, developers have until the July 20 to fill out the section. Moreover, Google encouraged users to access the Android privacy dashboard to manage app permission for the use of location data, microphone, camera options, and to also review data access by apps.The new requirements come a month after Google removed an app with over 100,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users and, additionally, after Google was reportedly fined €2 million by the Paris Commercial Court for acting abusively to developers with apps on the Play Store.Related Coverage More

A prolific botnet has reemerged with new techniques to infect Windows PC with malware. Once described as the most dangerous malware botnet in existence, Emotet helped cyber criminals to distribute malware and ransomware to victims around the world, before being disrupted by a coordinated global law enforcement takedown in January 2021. 

ZDNet Recommends

But Emotet reemerged 10 months later and has resumed campaigns. It is sending out millions of phishing emails in mass spam campaigns, with the aim of infecting devices with malware that ropes them into a botnet controlled by cyber criminals. SEE: A winning strategy for cybersecurity (ZDNet special report)According to cybersecurity researchers at Proofpoint, Emotet appears to be testing new attack techniques at a small scale, which could potentially be adopted for much larger campaigns. These techniques are designed to make attacks more difficult to detect, ultimately increasing the chances of them being successful.  The emergence of new attack techniques has coincided with a period when it seemed widespread Emotet campaigns were put on hold, with new activity occurring at low volume. One of these new campaigns exploits compromised email accounts to send out spam-phishing emails with one-word subject lines – researchers note that one of them is simply ‘Salary’, a subject line that could encourage a user to click out of curiosity. The message bodies contain only a OneDrive URL, which hosts zip files containing Microsoft Excel Add-in (XLL) files with a similar name to the email subject line. If the XLL files are opened and executed, Emotet is dropped on the machine, infecting it with malware. Emotet can be used to steal information from victims and serves as a backdoor for deploying other malware onto the compromised Windows system – it has commonly been used as a backdoor to deploy ransomware attacks. What makes this campaign distinct from previous Emotet campaigns is the use of OneDrive URLs – typically, Emotet attempts to spread itself via the use of Microsoft Office attachments or phishing URLs that link to Office files. The use of XLL files is also unusual, as Emotet has traditionally been distributed using Microsoft Excel or Word documents containing Visual Basic for Applications (VBA) scripts or macros.SEE: Clueless hackers spent months inside a network and nobody noticed. But then a ransomware gang turned upThis switch comes after Microsoft announced it would begin blocking macros obtained from the internet by default from April. That move is part of an effort to help protect users from a technique commonly used in phishing attacks, so gangs are likely testing new techniques to get around this. “After months of consistent activity, Emotet is switching things up. It is likely the threat actor is testing new behaviors on a small scale before delivering them to victims more broadly, or to distribute via new TTPs (Tactics, Techniques, and Procedures) alongside its existing high-volume campaigns,” said Sherrod DeGrippo, vice president of threat research and detection at Proofpoint.”Organisations should be aware of the new techniques and ensure they are implementing defenses accordingly,” she added. ZDNet has contacted Microsoft for comment. MORE ON CYBERSECURITY More

The White House has laid out its plans to give more authorities the power to respond to nefarious drone activity.The administration says while drones – or unmanned aircraft systems (USA) – have become useful for research, recreation and business, they’ve also become risks to public safety, privacy and homeland security. 

“Malicious actors have increasingly used UAS domestically to commit crimes, conduct illegal surveillance and industrial espionage, and thwart law enforcement efforts at the local, state and federal level,” it warns.SEE: The best drone accessories: Truly useful must-havesTo address the risks of rogue UAS, the White House wants to broaden powers of federal agencies that can already use technology to counter or neutralize bad drones, and expand authorization of the use of drone-detection technology, such as RF jammers, below the federal level.The White House has called on Congress to enact legislation outlined in the administration’s eight-point Domestic Counter-Unmanned Aircraft Systems National Action Plan “to close critical gaps in existing law and policy” that impede counter-rogue drone capabilities. The plan seeks to “expand where we can protect against nefarious UAS activity, who is authorized to take action, and how it can be accomplished lawfully,” the White House said in a statement.     The plan seeks to expand the existing counter-UAS powers available to Departments of Homeland Security (DHS), Justice, Defense, State, the Central Intelligence Agency and NASA “in limited situations”. It also wants to authorize the use of UAS detection technology for state and local and, notably, for critical infrastructure owners and operators. Currently, non-federal entities need to seek assistance from authorized entities like DHS to respond to a drone threat.    To avoid detection activity disrupting airspace and communications spectrum, the plan calls for the creation of a US government authorized-detection equipment list. It also wants a federal UAS incident-tracking database for departments and agencies to see the overall domestic threat. 

Commercial drones have caused several public safety incidents in recent years. Ahead of the Christmas break in 2018, hundreds of flights were cancelled at London’s Gatwick Airport following reports of a drone sighting near the airport: researchers found a drone striking an aircraft could create structural damage to parts of a wing. A year later, the UK government funded 18 counter-drone and drone technology projects overseen by the UK’s Ministry of Defence. NATO Communications and Information Agency (NCI Agency) in November tested 70 counter-drone systems that track and neutralize drones. One of them used a NATO-controlled drone “hunter” to track another drone and cast a net on the target to bring it down.   In the US, per Associated Press, Newark Liberty International Airport halted all landings in January 2019 after a drone sighting nearby. In 2015, drones crashed on the White House grounds in two separate incidents, prompting calls for the Federal Aviation Administration (FAA) to regulate recreational drone use. Today, the FAA requires recreational drone operators to register their identity with the FAA if the aircraft is 55 pounds or heavier. About 1.14 million recreational owners registered an estimated 1.44 million aircraft in use in December 2020, according to the FAA.Biden’s plan also calls for a comprehensive criminal statute to establish legal and illegal uses of UAS, and to close loopholes in existing federal law, while creating penalties to deter the most serious UAS-related crimes.  More

A security vulnerability that was left unpatched for three years allowed a notorious cyber-criminal gang to breach a network and plant ransomware. The BlackCat ransomware attack against the undisclosed organisation took place in March 2022 and has been detailed by cybersecurity researchers at Forescout who investigated the incident. 

BlackCat ransomware – also known as ALPHV – is becoming one of the most active ransomware groups currently, to the extent that the FBI has released an alert about it, warning how the group has compromised at least 60 victims around the world. SEE: Cybersecurity: Let’s get tactical (ZDNet special report)While BlackCat has a reputation for running a sophisticated ransomware operation, it was a simple technique that allowed malicious cyber criminals to gain initial access to the network – exploiting an SQL injection vulnerability in an internet-exposed unpatched and end-of-life SonicWall SRA appliance. A security patch has been available to fix the vulnerability since 2019, but it hadn’t been applied in this case, providing cyber criminals with an easy entry point into the network.  From there, the attackers were able to gain access to usernames and passwords, using them to gain access to ESXi servers, where the ransomware payload was ultimately deployed.  BlackCat deploys several techniques not used by other ransomware groups designed to make attacks successful. For starters, the ransomware is written in the Rust programming language, which is unusual for malware and makes it more difficult to detect and examine. The ransomware also uses a unique binary for each victim, based around information found in the target environment. The unique binary makes it more difficult to identify attacks as the code used in each campaign will be slightly different.  “A unique binary that is not general for each victim makes the detection harder,” Daniel dos Santos, head of security research at Forescout, told ZDNet.  In the case of the March 2022 incident, the attack was partially successful. BlackCat ransomware successfully encrypted servers and files, but the attack wasn’t able to spread to other parts of the network because it had been segmented. While the attackers could control one area of the network, they couldn’t move into other sections. “The segmentation was actually well done in this case and that’s why it was contained,” said dos Santos, who added that this attack using BlackCat ransomware-as-a-service appeared to have been carried out by a cyber criminal who was still learning how to conduct attacks properly. “The impression we got is that the affiliate that was running the actual malware wasn’t very experienced”. SEE: Google: We’re spotting more zero-day bugs than ever. But hackers still have it too easyHowever, despite the inexperience of the attacker, some servers were still infected with malware. While no ransom was paid, and the network segmentation reduced the impact of the attack, the whole incident could have been avoided if some basic cybersecurity hygiene advice had been followed. Those steps would have included applying the relevant security updates to fix a vulnerability that was first disclosed in 2019. “The biggest lesson here is patch the network infrastructure – whatever is facing the internet, it’s always important for it to be fully patched,” said dos Santos. It’s also recommended that organisations monitor their networks for external access from known IP addresses or unusual patterns of behavior. In addition, businesses should backup their servers regularly. Then, if something happens, the network can be restored to a recent point without needing to pay a ransom. MORE ON CYBERSECURITY More