PRC Warns Against China Video Surveillance Hacks, Hikvision Targeted

By: Charles Rollet, Published on Feb 14, 2020

Hackers are targeting China video surveillance manufacturers and systems, according to the PRC's main cyber threat monitoring body.

IPVM Image

The hackers claim to be pro-Tibet activists seeking to damage Chinese firms "collaborating with and servicing the Chinese government", including Hikvision.

In this note, we examine this news and how it could impact video surveillance.

CNCERT Announcement

IPVM Image

On February 12, an announcement was issued by China's main cyber threat monitoring body, CNCERT, stating:

Early Warning On Overseas Hacker Organizations' Plans to Launch Attacks on China's Video Surveillance System

Recently, overseas hacker organizations claimed that they would launch a cyber attack on China in mid-February, targeting a number of video surveillance systems in China, and announced a number of relevant domestic video surveillance systems in use. After analysis, China's video surveillance system has certain vulnerabilities, security risks and data leakage risks, which may become a weak link for attacks launched by overseas hackers.

The notice urged video surveillance users to:

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

Check for defects and fill in leaks, follow up the in-use product patches in a timely manner, detect and repair system security vulnerabilities in real time, and investigate weak password vulnerabilities, backdoor vulnerabilities, unauthorized access vulnerabilities, login bypass vulnerabilities and other risks for video surveillance systems.

A day before, a Macau cyber police official warned of "politically motivated" cyberattacks on "the nation's Internet-based CCTV surveillance system".

Hackers Background

The attackers claim to be pro-Tibet activists fighting the PRC government's surveillance campaign in Tibet. They have been spreading news of their cause using the hashtag #Op_Tibet, stating they would launch cyberattacks on February 13, Tibet's (unrecognized) independence day.

A video was posted on YouTube from the #Op_Tibet movement:

The video stated:

China has exploited Tibet as a testing ground for the installation of a facial recognition and biometric identification infrastructure which monitors and records every move made by Tibetans. All mobile devices are vulnerable and exposed courtesy of state controlled Chinese tech corporations, and communications monitored. Social media platforms are scrutinized 24/7. The extent of state intrusion is on a frightening scale. Each payment made, cash deposited or withdrawn, increasingly involves facial recognition processing. Tibetans are forced to carry a unique personal identification number. CCTV cameras equipped with facial recognition technology are across virtually every street, public buildings, and business. In addition the police deploy mobile surveillance centers. The use of artificial intelligence, big data, and advanced algorithms, has enabled China's government to impose a digital stranglehold over Tibet, a highly effective and ever-present tool of oppression [...]

None of this gross violation of individual freedoms and civil liberties would be possible were it not for those Chinese tech corporations who are collaborating with and servicing Chinese government. Prominent among these are Huawei, SenseTime group, Face++, Alibaba, Baidu, Tencent Holdings, and iFlyTek. [emphasis added]

IPVM was unable to confirm whether #Op_Tibet is affiliated to actual Tibetan activists. However, #Op_Tibet is not a new cause, previously surfacing in 2016 when they took down the websites of Chinese mining corporations in Tibet.

Companies Targeted Include Hikvision USA, Hikvision Denies Attack

So far, those behind the #Op_Tibet movement claim to have taken down the websites of a number of Chinese entities, including the "US franchise of Hikvision":

IPVM Image

However, Hikvision USA's website is up and running at time of writing; it remains possible that the website was briefly offline and then reinstated. We have reached out to Hikvision for comment. No other mainstream PRC video surveillance manufacturers have been attacked (yet.)

UPDATE: Hikvision told IPVM "the Hikvision USA website has not been hacked or in any way compromised."

Other Entities Targeted

A Twitter account affiliated with #Op_Tibet claimed early on that the hackers would "hack into Chinese CCTV cams" but there has been no evidence of this actually happening (yet).

#Op_Tibet claims to have taken down servers for PRC tech giants Alibaba, Tencent, and China Unicom - however, this has not been independently verified, and the firms did not respond to IPVM requests for comment. #Op_Tibet also posted a Pastebin document listing the following websites as targets:

  • https://www.iflytek.com/
  • http://www.capital.cimc.com
  • http://www.wiseweb.com.cn/
  • https://www.haohandata.com/

Of these, all were down on February 13 China time, except for iFlyTek. None are video surveillance companies. Three of these firms were called out in a news article last year about Chinese government surveillance in Tibet. (The CIMC mentioned in the article, Shenzhen Intelligent CIMC, is not the same as the one targeted by hackers, which is a shipping company, leaving the possibility it was attacked by mistake.)

Another #Op_Tibet Pastebin document listed hundreds of local Chinese government websites and affiliated Twitter accounts claim to have taken down several. One Op_Tibet hacktivist tweeted that "more than 500,000 Chinese websites are infected with Mirai", which is also unverified.

IPVM Monitoring

So far, there is no concrete evidence of major breaches of PRC video surveillance players or their systems. However, this may change. IPVM is monitoring this situation closely and will update accordingly.

UPDATE: Juanvision Confirms Hack

UPDATE: A PRC manufacturer, Juanvision, confirmed on February 11 that some of its products were hacked by this attack.

In its announcement, Juanvision stated "the range of equipment affected by the hackers is not large", chiefly old (pre-2017) NVRs and DVRs with weak passwords. Juanvision published a firmware update for all affected equipment.

Conclusion

The prominent role played by Chinese tech firms in aiding their government's surveillance campaigns makes them a target for politically-motivated hackers. This adds to the existing cybersecurity concerns for such firms.

1 report cite this report:

China Surveillance Vulnerabilities Being Used To Attack China, Says China on Apr 07, 2020
While China video surveillance vulnerabilities have been much debated in the...
Comments (5) : Members only. Login. or Join.

Related Reports

China Surveillance Vulnerabilities Being Used To Attack China, Says China on Apr 07, 2020
While China video surveillance vulnerabilities have been much debated in the...
Axis Exports To China Police Criticized By Amnesty International on Sep 21, 2020
Axis Communications and other EU surveillance providers are under fire from...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations are at an all-time low, optimism about relations...
Hikvision Put on US DoD "Communist Chinese Military Companies" List, Faces Risk of Presidential Sanctions on Jun 26, 2020
The US DoD has put Hikvision on a list of "Communist Chinese Military...
IPVM Editorial Staff on Aug 01, 2020
IPVM has the largest and most experienced editorial team covering video...
Honeywell Warns of Huawei, Advocates Futureproofing on Aug 31, 2020
For years, Honeywell has profited from OEMing Dahua and using Huawei...
Sunell is The First China Manufacturer to Market NDAA Compliance on Jul 30, 2020
Most China manufacturers are going to be impacted by the NDAA 'Blacklist...
US Passes Uyghur Human Rights Law Condemning Mass Surveillance on Jun 18, 2020
The US government has passed the Uyghur Human Rights Policy Act of 2020,...
Huawei HiSilicon Shortage Impacts Surveillance Manufacturers on Aug 14, 2020
Huawei acknowledged problems and challenges for its HiSilicon chip business,...
Verkada Access Control Tested on Sep 09, 2020
Verkada raised $80 million earlier in 2020, expanding from video into access...
Netposa Stock Surges 46% After US Human Rights Abuse Sanctions on May 27, 2020
Last Friday, the US government announced it would sanction PRC video...
Beware Rigged China Fever Cameras on Sep 08, 2020
Many China fever camera manufacturers have rigged algorithms dynamically...
Startup Calipsa Presents AI False Alarm Filtering on Jul 21, 2020
Calipsa presented its AI false alarm filtering platform at the 2020 IPVM...
SenseB4 Presents Cloud Network Device Monitoring on Jun 09, 2020
SenseB4 presented its cybersecurity and network health monitoring products at...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...

Recent Reports

OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...
Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Norway Council of Ethics Finds Hikvision Human Rights Abuses "Ongoing" on Sep 23, 2020
Hikvision's involvement in "serious human rights abuse" in Xinjiang is...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Installation Course Fall 2020 - Save $50 - Last Chance on Sep 22, 2020
This is a unique installation course in a market where little practical...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
FLIR CEO: Many New Fever Entrants "Making Claims That The Science Just Won't Support" on Sep 22, 2020
FLIR's CEO joins a growing number calling out risks with fever / screening...
China Bems Temperature Measurement Terminal Tested on Sep 22, 2020
Guangzhou Bems (brand Benshi) is the manufacturer behind temperature...
Axis Exports To China Police Criticized By Amnesty International on Sep 21, 2020
Axis Communications and other EU surveillance providers are under fire from...
Milestone XProtect on AWS Tested on Sep 21, 2020
Milestone finally launched multiple cloud solutions in 2020, taking a...