We recently onboarded a new client in South Jersey who believed they had a professional security system protecting their facility. They had a network video recorder and a suite of cameras, all installed by a previous contractor. On the surface, things looked fine. But when we dug into their network configuration, we found a ticking time bomb.
The previous installer had made two of the most dangerous and amateur mistakes in the industry: they used port forwarding to enable remote access and left the system’s default credentials in place.
This isn’t just a minor oversight—it’s the digital equivalent of leaving your front door wide open with a welcome mat out for hackers. This client’s story is a critical cautionary tale for any business in New Jersey, Pennsylvania, or Delaware that has a connected security system.
What’s Wrong with Port Forwarding?
In simple terms, port forwarding punches a hole through your network’s firewall and points it directly at a specific device, like your video recorder. The intention is to allow you to view your cameras remotely from your smartphone or computer.
The reality is that you’re also pointing a giant, flashing neon sign at that device for every automated hacking tool and bad actor on the internet. These bots constantly scan the web, looking for these open ports. Once they find one, they start attacking.
Port forwarding is a legacy practice from the early 2000s that has no place in modern security installations. Yet some installers continue to use it because it’s quick, easy, and requires minimal technical knowledge.
The Unforgivable Sin: Default Credentials
Making matters exponentially worse, the system was still using the factory-default username and password.
Hackers don’t guess passwords one by one. They use automated scripts that try millions of common default combinations—”admin/12345,” “root/admin,” “admin/admin”—in minutes. An exposed device using default credentials is not a matter of if it will be compromised, but when.
When you combine an open port with a default password, you haven’t just left the door unlocked—you’ve posted the key and your address on a public bulletin board.
Why This Was a Ticking Time Bomb: A History of Vulnerabilities
This isn’t just a theoretical risk. Many brands of security equipment have well-documented histories of severe, remotely exploitable vulnerabilities. For an attacker, finding an exposed security device with default credentials is like striking gold.
Here are just a few examples of the types of critical flaws that improperly configured systems can be vulnerable to:
Remote Code Execution Vulnerabilities: These “zero-click” vulnerabilities are so severe they often receive CVSS scores of 9.8 out of 10. An attacker needs no password and no interaction from the user to gain an unrestricted root shell on the device. This provides full control, allowing them to view or manipulate video, steal data, and pivot to attack the rest of your internal business network.
Critical Access Control Flaws: These vulnerabilities allow an unauthenticated attacker to bypass all security and gain full administrative privileges on the system, potentially compromising every connected device.
Remote Command Execution: These flaws allow an attacker to remotely execute any command they want, effectively seizing control of the underlying system.
Hardcoded Backdoors: Some equipment has been found to contain hardcoded passwords that allow anyone with knowledge of these credentials to gain full administrative access.
By exposing security equipment directly to the internet with default credentials, the previous installer turned these known vulnerabilities into active, immediate threats.
The Real-World Consequences
What can actually happen when a security system is compromised?
Ransomware Entry Point: Attackers use compromised security devices as a foothold to deploy ransomware across your entire network, potentially shutting down your business for days or weeks.
Data Theft: Once inside your network, attackers can access sensitive business data, customer information, financial records, and intellectual property.
Surveillance Manipulation: Attackers can disable cameras during a physical break-in, manipulate footage to hide criminal activity, or even use your cameras to spy on your operations.
Botnet Recruitment: Your devices can be hijacked and used to attack other organizations, potentially making you legally liable.
Compliance Violations: If your compromised system leads to a data breach, you may face regulatory fines and legal liability, especially in industries with strict data protection requirements.
The Right Way: Security-First Integration
A professionally installed security system should NEVER use port forwarding for remote access.
At Systems Integrations, we follow modern cybersecurity principles:
Cloud-Based & Secure Connections: We deploy modern systems from Rhombus, Hanwha, PDK, and Feenics that utilize encrypted, outbound-only connections. The devices call out to the secure cloud platform; the cloud never calls in. This means no open ports on your firewall, making your devices invisible to attackers scanning the internet.
IT & Networking Expertise: We are not just installers—we are IT professionals. Our team includes a Security Industry Association Cybersecurity Certified engineer who understands how to configure devices securely on your network. We implement proper network segmentation, often using VLANs to isolate security hardware from your critical business data.
No Default Credentials. Ever.: The first step in any installation is changing all default passwords to strong, unique credentials. We implement secure credential management and enable multi-factor authentication wherever possible.
NDAA-Compliant Equipment: We use only NDAA-compliant video surveillance equipment from trusted manufacturers like Hanwha and Rhombus. This protects you from foreign-manufactured vulnerabilities and ensures compliance with federal security standards.
Ongoing Firmware Management: We maintain a clear policy for keeping your devices updated with the latest security patches to protect against newly discovered vulnerabilities. Security is not a one-time installation—it requires ongoing maintenance.
Secure Remote Access: When VPN or other secure remote access is required, we implement it properly, using encrypted tunnels and multi-factor authentication, never exposing devices directly to the internet.
Network Assessment: Before any installation, we assess your existing network infrastructure and work with your IT team or managed service provider to ensure proper integration without introducing vulnerabilities.
Is Your Security System a Liability?
An improperly installed security system provides a false sense of security while creating a dangerous backdoor into your organization. You hired a company to protect you, but their negligence could be your biggest vulnerability.
This is especially concerning for manufacturing facilities, wealth management firms, and any business handling sensitive data or operating under compliance requirements. A compromised security system can be the entry point for devastating breaches.
Red Flags Your System May Be Vulnerable
If any of these apply to your current system, you should have it professionally assessed immediately:
- You access your cameras remotely by typing an IP address and port number into your browser
- You had to configure port forwarding on your router or firewall
- You don’t know if default passwords were changed
- Your installer didn’t discuss network security or work with your IT team
- Your system hasn’t received firmware updates since installation
- You’re using equipment that is not NDAA-compliant
- Your installer was unlicensed or uninsured
Don’t Wait for a Breach
Don’t wait to find out your system has been compromised. The cost of a security breach—in downtime, data loss, reputation damage, and legal liability—far exceeds the cost of proper installation and ongoing maintenance.
At Systems Integrations, we have over 20 years of experience in security integration and IT services. We’re fully licensed in New Jersey, Pennsylvania, Delaware, and Florida, and we’re active members of NJELSA, ESA, and BNI. Our team includes certified technicians who undergo annual continuing education on both physical security and cybersecurity.
We offer comprehensive security and network assessments to identify hidden vulnerabilities in your existing systems. We’ll provide a detailed report of risks and recommendations, with no obligation.
Contact Systems Integrations today at (866) 417-3787 for a professional security and network assessment. We’ll identify the hidden risks and build a solution you can actually trust.