Hikvision Removed From US Army Base, Congressional Hearing CalledBy: IPVM Team, Published on Jan 12, 2018
Hikvision has been removed from a US Army Base and a US congressional committee is planning a hearing on cybersecurity risks and specifically, Hikvision, reports the WSJ in a follow up to their (WSJ) Investigation Into Hikvision.
This is a major trend within the industry, with a growing list of organizations removing or barring Hikvision products, including:
- Hikvision Removed From US Embassy
- Hikvision Removed From US GSA Sales
- US Air Force Cancels Hikvision RFQ
- Hikvision Barred From US City Housing Authority Bid
- Fortune 500 Company Bars Dahua and Hikvision
Two main causes of these concerns exist. First, the Chinese government's controlling share of Hikvision, something Hikvision denies in the West but which they readily admit inside of China, Hikvision CEO Admits Hikvision China State-Owned Company.
Secondly, Hikvision's cybersecurity problems, most notably Hikvision's IP camera backdoor shipped in tens of millions of cameras but also including:
- 80+ OEMs Verified Vulnerable To Hikvision Backdoor
- Hikvision Security Code Cracked
- Hikvision Vulnerability Permits Wi-Fi Attack (hard-coded Wifi connection set)
- Hikvision Cloud Security Vulnerability Uncovered
- Hikvision VMS Password Recovery Vulnerability (Admin Passwords Sent In Plain Text)
- Hikvision Trojan Mobile App
- Hikvision Hardening Guide Recommends Port Forwarding
- Hikvision UPnP Hacking Risk
As the WSJ reported:
Rep. Steve Chabot, an Ohio Republican and chairman of the House Committee on Small Business, said he expects the committee to focus closely on potential cybersecurity vulnerabilities in security cameras. A spokeswoman for the committee said Hikvision will be examined as part of a hearing scheduled for Jan. 30 on the topic of “foreign cybersecurity threats to small businesses.” The hearing will discuss the security-camera industry generally, but Hikvision will be the only company about which specific questions will be raised, she said. [Emphasis Added]
The challenge for Hikvision is simply what to do now. A company created by the Chinese government and controlled by the Chinese government has vast advantages inside of China and with $6 billion in Chinese government loans, vast resources to spend on International expansion. But money is unlikely to be enough to win over an increasingly aware and skeptical International market. Hikvision's price cuts and sales campaigns continue and that certainly will help with some buyers but if Congressional hearings and more large users remove or ban their products, Hikvision faces difficult decisions about its International future.
Update: Hikvision Fires Back
Hikvision is striking back at the WSJ, labeling the story 'filled with bias and conjecture', and 'misleading to readers and use deceitful headlines'. Fascinatingly, Hikvision claims that the US Army base cameras were removed 'following unfounded and unsubstantiated media reports' but DHS ICS-CERT report gave Hikvision a worse 10.0 score for their IP camera backdoor, clearly a critical factor in worldwide concern about Hikvision products. Interestingly, Hikvision did not comment about the upcoming US Congressional hearings or what they plan to do about them.