China Surveillance Vulnerabilities Being Used To Attack China, Says China

By Charles Rollet, Published Apr 07, 2020, 07:13am EDT (Info+)

While China video surveillance vulnerabilities have been much debated in the West in the past few years, China is now saying those vulnerabilities are being used to attack China.

IPVM Image

This news comes from the PRC's main cyber threat monitoring body, which stated a recent hacking campaign's use of longstanding vulnerabilities is "sounding the alarm" on PRC IoT security, illustrating the risk associated with devices from that country.

In this post, we examine this news, including:

  • Attack Background
  • CNCERT Gives Update on Hacking Methods, Impact
  • China Manufacturers Especially Vulnerable
  • Cybersecurity Expert PenTestPartners Feedback: DVR Vulnerability from 2016
  • CNCERT: Hack "Sounded The Alarm" on China IoT Security
  • CNCERT Recommends Manufacturers, Users Beef Up Security
  • Prior Warning: PRC IoT Devices May Be "More Susceptible"

Attack **********

** ***-********,**** ************ '*********'-********** ***-***** ********* **** ********* China ***** ************ ********* ** **** of * ***********-********* ******* ******** ******* the *** ********** ******#********:

IPVM Image

*** ******** *** ** *********** ****** on ********** *** ************* **** *********, Dahua, ** ******* (***** *** ********* claimed ** **** ***** **** ********* USA's *******, **** *** ***** ********* and ********* ****** ** *********). *** one ****************** *** ************ **********, ***** ********* a ******** ******.

CNCERT ***** ****** ** ******* *******, ******

IPVM Image

*** ***'* ***** ***** ****** *******,******,****** ** ****** ** ***** ******* *** ******* ** **** ******* campaign, ********** **** ******* **** ***** main *******:

*** ****** *********** ********* **** *** overseas [*******] ***** **** **** ***** attack ******** ****** **** ***** ***** of ***************: ****** ******* ********* ***************, malicious **** ************, *** ***** ****** vulnerabilities.

China ************* ********** **********

***** ***** ** *************** **** **** significant ****** *** ***** *** ************* ranging **** ***** ******* ************* ** smaller **** ***** ********* - *** our********* ** ***** ************ ************* *************** and ********.

****** **** ****** *** ******* **** "malicious ****" **** *** ******** ** "different ******** ** *** ***** ******". The **** ***** **** ****** *** driven ** ********** ******* **** ***** PRC ***** ************ ***-*******************.

Hack ****** ******* *********

****** ****** *.** ******* ******* **** launched ** ***,*** ** *********, ***** 10,157 ***** ****** ******** **** ******** as ****. ****** *** *** ****** specific ********* ******** ** *** ******** impact ** *** *******. *** **** of *** ** ********* ******** **** located ** *****'* ******* *********, ***** most ***** ************ ************* ***** *****.

Expert ********: *** ************* **** ****

****** *******, *** ******** ********** ******************, ******** *** ****** ****** *** told **** ***** **** *** *************** which *************** "********* ** * ****** of **** **** ** ****" ** his **** **** "****** **** *******":

IPVM Image

******* **** *** ****** ** ********** DVRs *** ***** *****:

***** **** *** ** ***** ******* then, *** ***** *** *** **** 100k. **** ** *** ***** **** we **** ****** **** **** ***** fixed, *** **** ***'*.

*** ******* ***** **** *** ****** report "***'* ****** **********" ***** **'* obvious ***** ******* ***** *** ******:

*** ****** ***'* ***** * ***** no-name *** ******* ** *** ******** like **** ******. **'* *** **** a **** - ****'** **** ***** as ******** **** *** **** *****.

**** ******* **** **** ********* ******** - *******, ** ** ******* **** such *** *************** *** ***** ***** exploited *** ***** ******* *****, *** China's *** *********.

CNCERT: **** "******* *** *****" ** ***** *** ********, ***** *******

***** ****** ****** *** ********* ** the ***** **** "*** ****", ** also **** *** ******** "******* *** alarm" ***** *** ********** *****'* *** network ******** *** [******** *****]:

*** ********* **this ****** ** ******** ************* ** *** ****. However, this attack shows that the IoT device has become an important target for hackers, and it sounded *** ***** *** *** ******* ******** of the IoT device.

****** ***** ****** *** ***** *** ongoing:

**** *** ***** ******* ****** ** this ****** *****, ****** *** **** domestic ******** ********* ****** *************** *** attack ***** ********, *** ** ** the **** ** ***********,some *************** **** *** **** ******** *** *** ***** ** ******** *********.

CNCERT ********** *************, ***** **** ** ********

****** **** ***** *************** *** ***** video ************ ************* *** ***** ** beef ** ******** [******** *****]:

*. *** ****** ************* ******strengthen *** ******* ******** ********** ** *** *******, plan ****** ******** ************ ** ******* during the development process, and embed network security protection mechanisms;

*. *** ******users ****** ******* ******** checks on multiple levels of hardware, firmware, software, applications, and network protocols before the device goes online; after the device accesses the Internet, it should be protected by technical means such as firewalls, and at the same time strengthen the Monitoring and auditing of network access behavior of connected devices.

*. *** *******Internet ** ****** ********* ************* **** ******* ******** ************ *** *** **** *******. Internet of Things users *** ********* ** ******* **********, and security awareness needs to be improved.

Prior *******: *** *** ******* *** ** "**** ***********" ** *******

* **** **** ******** *****'* *** ****** ******** *** the** ***** ******** ******** ****** **************** **** "******** ********" ** *** manufacturing **** ** "*** ******** ** entry" *** "******* ********** *********" ***** that "*******-************ *** ******* *** ******** targets *** ************ ******", ******:

******* *** ******* *** ** ***** as *********** ** ************ ****** ** those **** ***** *********,and *** ** **** ** **** *********** [emphasis added]

**********

** *** *********** *** ***-***** *******, **** ***** that *** *** **********'* ***** ****** abuses **** ** * ***** ****** for ***********-********* ******* *********.

*** ** ***** ** *****'* **** cyber ********** ****, ******* *********** ***** is ************ *************** ******** **** ********* due ** *** ***** ** ******* security *** ***** ***** ************ ********.

Comments (4)

Maybe they should stop using Chinese manufactured kit. Think it's been published here may times over that it's not hard to crack.

Agree: 1
Disagree
Informative
Unhelpful
Funny: 1

I think this is fantastic and can only help in the long run.

Agree: 2
Disagree
Informative
Unhelpful
Funny

now time to ban all china made surveillance product or dont deal such product.

Agree
Disagree
Informative
Unhelpful
Funny

Chickens come home to roost. It amazes me how hard it is to talk people out of using a security product with security flaws.

Agree: 1
Disagree
Informative
Unhelpful
Funny
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports