PRC Warns Against China Video Surveillance Hacks, Hikvision Targeted

By: Charles Rollet, Published on Feb 14, 2020

Hackers are targeting China video surveillance manufacturers and systems, according to the PRC's main cyber threat monitoring body.

The hackers claim to be pro-Tibet activists seeking to damage Chinese firms "collaborating with and servicing the Chinese government", including Hikvision.

In this note, we examine this news and how it could impact video surveillance.

******* *** ********* ***** video ************ ************* *** systems, ********* ** *** PRC's **** ***** ****** monitoring ****.

*** ******* ***** ** be ***-***** ********* ******* to ****** ******* ***** "collaborating **** *** ********* the ******* **********", ********* Hikvision.

** **** ****, ** examine **** **** *** how ** ***** ****** video ************.

[***************]

CNCERT ************

** ******** **,** *************** ****** ** *****'* main ***** ****** ********** body,******, *******:

***** ******* ** ******** Hacker *************' ***** ** Launch ******* ** *****'* Video ************ ******

********, ******** ****** ************* claimed **** **** ***** launch * ***** ****** on ***** ** ***-********, targeting * ****** ** video ************ ******* ** China, *** ********* * number ** ******** ******** video ************ ******* ** use. ***** ********, *****'* video ************ ****** *** certain ***************, ******** ***** and **** ******* *****, which *** ****** * weak **** *** ******* launched ** ******** *******.

*** ****** ***** ***** surveillance ***** **:

***** *** ******* *** fill ** *****, ****** up *** **-*** ******* patches ** * ****** manner, ****** *** ****** system ******** *************** ** real ****, *** *********** weak ******** ***************, ******** vulnerabilities, ************ ****** ***************, login ****** *************** *** other ***** *** ***** surveillance *******.

* *** ******, * Macau ***** ****** **************** "*********** *********" ************ on "*** ******'* ********-***** CCTV ************ ******".

Hackers **********

*** ********* ***** ** be ***-***** ********* ******** the *** **********'* ************ campaign ** *****. **** have **** ********* **** of ***** ***** ***** the ******* #********, ******* they ***** ****** ************ on ******** **, *****'* (unrecognized)************ ***.

* ***** *** ****** on ******* **** *** #Op_Tibet ********:

*** ***** ******:

***** *** ********* ***** as * ******* ****** for *** ************ ** a ****** *********** *** biometric ************** ************** ***** monitors *** ******* ***** move **** ** ********. All ****** ******* *** vulnerable *** ******* ******** of ***** ********** ******* tech ************, *** ************** monitored. ****** ***** ********* are *********** **/*. *** extent ** ***** ********* is ** * *********** scale. **** ******* ****, cash ********* ** *********, increasingly ******** ****** *********** processing. ******** *** ****** to ***** * ****** personal ************** ******.CCTV ******* ******** **** ****** *********** ********** are across virtually every street, public buildings, and business. In addition the police deploy mobile surveillance centers. The use of artificial intelligence, big data, and advanced algorithms, has enabled China's government to impose a digital ************ **** *****, a highly effective and ever-present tool of oppression [...]

**** ** **** ***** violation ** ********** ******** and ***** ********* ***** be ******** **** ** not *** *****Chinese **** ************ *** *** ************* with and servicing Chinese government. Prominent among these are Huawei, SenseTime group, Face++, Alibaba, Baidu, Tencent Holdings, and iFlyTek. [emphasis added]

**** *** ****** ** confirm ******* #******** ** affiliated ** ****** ******* activists. *******, #******** ** not * *** *****,********** *********** **** **** **** took **** *** ******** of ******* ****** ************ in *****.

Companies ******** ******* ********* ***, ********* ****** ******

** ***, ***** ****** the #******** ******** ***** to **** ***** **** the ******** ** * number ** ******* ********,************ "** ********* ** Hikvision":

*******, ********* ***'* ******* is ** *** ******* at **** ** *******; it ******* ******** **** the ******* *** ******* offline *** **** **********. We **** ******* *** to ********* *** *******. No ***** ********** *** video ************ ************* **** been ******** (***.)

******: ********* **** **** "the ********* *** ******* has *** **** ****** or ** *** *** compromised."

Other ******** ********

* ******* ******* ********** with #*************** ***** ****** *** ******* ***** "hack **** ******* **** cams" *** ***** *** been ** ******** ** this ******** ********* (***).

#**************** ********* *********** *** *** **** giants *******, *******, *** China ****** - *******, this *** *** **** independently ********, *** *** firms *** *** ******* to **** ******** *** comment. #******** **** ****** a *********************** *** ********* ******** as *******:

  • *****://***.*******.***/
  • ****://***.*******.****.***
  • ****://***.*******.***.**/
  • *****://***.**********.***/

** *****, *** **** down ** ******** ** China ****, ****** *** iFlyTek. **** *** ***** surveillance *********. ***** ** these ***** **** ****** out *** **** ******* **** year***** ******* ********** ************ in *****. (*** **** mentioned ** *** *******, Shenzhen *********** ****, ** not *** **** ** the *** ******** ** hackers, ***** ** * shipping *******, ******* *** possibility ** *** ******** by *******.)

******* #******** ********************** ******** ** ***** Chinese ********** ******** *** affiliated ******* **************************** *******. *** ******** hacktivist******* ****"**** **** ***,*** ******* websites *** ******** **** Mirai", ***** ** **** unverified.

IPVM **********

** ***, ***** ** no ******** ******** ** major ******** ** *** video ************ ******* ** their *******. *******, **** may ******. **** ** monitoring **** ********* ******* and **** ****** ***********.

UPDATE: ********** ******** ****

******: * *** ************,**********,*********** ******** ** **** some ** *** ******** were ****** ** **** attack.

** ***************, ********** ****** "*** range ** ********* ******** by *** ******* ** not *****", ******* *** (pre-2017) **** *** **** with **** *********. ********** published * ******** ****** for *** ******** *********.

**********

*** ********* **** ****** by ******* **** ***** in ****** ***** **********'* surveillance ********* ***** **** a ****** *** ***********-********* hackers. **** **** ** the ******** ************* ******** for **** *****.

Comments (5)

**** ** ******* *** I **** **** *** up ****** **** ******** for * **** *****!

**** ** **** ** interesting *****! *’* ****** the ******* ****** **** sensitive *********** ***** *** CCTV ******* ***** ****. I’m **** ******* ** know **** **** ** storage ************ *** ************** China **** ** ***** and ******* **** *********** petabytes ** **** ****** the *******.

*********** *****, * ****** how ***** ***** **** using ***** *** ***** software.

******: ********* ****** **** its *** ******* *** attacked, ******* ****:

*** ********* *** ******* has *** **** ****** or ** *** *** compromised.

* ******......

irony

******: * *** ************,**********, **************** **** ** *** products **** ******. ** its************, ********** ****** "*** range ** ********* ******** by *** ******* ** not *****", ******* *** (pre-2017) **** *** **** with **** *********. ********** published * ******** ****** for *** ******** *********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Most Recent Industry Reports

Masks Cause Major Facial Recognition Problems on Feb 24, 2020
Coronavirus is spurring an increase in the use of medical masks, which new IPVM test results show cause major problems for facial recognition...
Every VMS Will Become a VSaaS on Feb 21, 2020
VMS is ending. Soon every VMS will be a VSaaS. Competitive dynamics will be redrawn. What does this mean? VMS Historically...
Video Surveillance 101 Course - Last Chance on Feb 20, 2020
This is the last chance to join IPVM's first Video Surveillance 101 course, designed to help those new to the industry to quickly understand the...
Vulnerability Directory For Access Credentials on Feb 20, 2020
Knowing which access credentials are insecure can be difficult to see, especially because most look and feel the same. Even insecure 125 kHz...
AI/Smart Camera Tutorial on Feb 20, 2020
Cameras with video analytics, sometimes called 'Smart' camera or 'AI' cameras, etc. are one of the most promising growth areas of video...
China Manufacturer Suffers Coronavirus Scare on Feb 20, 2020
Uniview suffered a significant health scare last week after one of its employees reported a fever and initially tested positive for coronavirus....
Cheap Camera Problems at Night on Feb 19, 2020
Cheap cameras generally have problems at night, despite the common perception that integrated IR makes cameras mostly the same, according to new...
Milestone Launches Multiple Cloud Solutions on Feb 18, 2020
Milestone is going to the cloud, becoming one of the last prominent VMSes to do so. Milestone is clearly late but how competitive do these new...
Video Surveillance Architecture 101 on Feb 18, 2020
Video surveillance can be designed and deployed in a number of ways. This 101 examines the most common options and architectures used in...
UK Stands Behind Hikvision But Controversy Continues on Feb 18, 2020
Hikvision is exhibiting at a UK government conference for law enforcement, provoking controversy from the press, politicians, and activists due to...