Hikvision Rejects Responsibility for Hacked Hikvision Cameras

By: John Honovich, Published on May 10, 2016

After a massive number of Hikvision cameras were hacked, Hikvision has added new, and questionable legal language, declaring that Hikvision will take no responsibility for hacked Hikvision cameras.

No Responsibility

The language is inserted in a legal disclaimer section included in Hikvision documentation such as user manuals and quick start guides in the box:

HIKVISION SHALL NOT TAKE ANY RESPONSIBILITES FOR ABNORMAL OPERATION, PRIVACY LEAKAGE OR OTHER DAMAGES RESULTING FROM CYBER ATTACK, HACKER ATTACK, VIRUS INSPECTION, OR OTHER INTERNET SECURITY RISKS

This language is not found in documentation prior to the hacks (such as the 5.2 user manual), but is now commonplace in the 5.3 and later documentation, that was released after the numerous hacking issues.

Extremely Uncommon

While product warranties have general liability limitations, it is quite uncommon for camera manufacturers to have explicit language excluding cyber security. Of course, this is even more significant given Hikvision's poor cyber security track record and Hikvision's industry worse cyber security rating from integrators.

Hikvision Chinese Government Ownership

Making this even more complicated, Hikvision is a Chinese state owned enterprise, run by the Chinese government / China communist party. Undoubtedly, the Chinese government is one of the best cyber hacking entities globally.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

It is, minimally, ironic, that an organization so strong at cyber hacking would seek to use the International legal system to protect itself from the consequences of their own products being hacked.

End User Risk

If you are an integrator supplying Hikvision or an end user with Hikvision products deployed, we urge you to consult with your attorney to understand the legal risk and ask Hikvision to remove this clause.

Not only is it uncommon but the process of how Hikvision has simply added it to product documentation is questionable (e.g., Are Hikvision products bought before 2015 covered by this? Is inserting a disclaimer in a manual legally binding?).

Buyer Truly Beware

As it is, if Hikvision makes another colossal mistake (e.g., copying malicious code from a bulletin board like they did in 2015) or if they allow Chinese government backdoors in their cameras, Hikvision buyers take all the risk.

And while Hikvision's super low prices are attractive, one needs to seriously factor in these risks.

8 reports cite this report:

Hikvision Responds To Cracked Security Codes on Aug 15, 2017
Hikvision has responded to IPVM's report on Hikvision's security code being cracked, both with a 2 page update to dealers and communication...
US Army Bans Chinese DJI Drones on Aug 08, 2017
The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army...
Hikvision USA Head of Cybersecurity Exits on Jul 18, 2017
Hikvision USA's Head of Cybersecurity has exited the company. In this note, we review the move, share Hikvision's feedback and examine the...
Morten Tor Nielsen Defends Hikvision on Jun 12, 2017
Morten Tor Nielsen, veteran software developer for Prescienta working for OnSSI, has posted "In Defence of Hikvision". As Nielsen explains...
Hikvision Backdoor Confirmed on May 08, 2017
The US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued an advisory for...
Genetec Expels Hikvision on Nov 08, 2016
Genetec has removed support for Hikvision devices, deeming them 'untrustworthy', citing customer concerns about Chinese government ownership /...
Dahua Distributor Angered "Always Give Good News About Hikvision" on Aug 11, 2016
A Dahua distributor is angry that "IPVM always give good news about HIKvision while destroys Dahua." I can understand the frustration, not of...
US Government Entities Hard Spec Hikvision on May 26, 2016
The US and Chinese governments are working together. Now, US government entities are not only buying video surveillance products from the Chinese...
Comments (150) : Members only. Login. or Join.

Related Reports

Security Fail: ASISNYC Auto Emails Passwords In Plain Text on May 14, 2019
ASIS NYC automatically emails a user with the password the user just entered, in plain text, when one registers for the site / event, as the...
Honeywell Speaks On NDAA Ban, New Non-Banned Cameras and Cybersecurity on Aug 06, 2019
For years, Honeywell has depended on Dahua, a company with a poor cybersecurity track record and now banned by the US NDAA, for the development and...
Hikvision OEM Directory on Aug 13, 2019
The Chinese government-owned and US-government banned Hikvision has become the world's largest video surveillance manufacturer and generally hidden...
Dahua OEM Directory on Aug 16, 2019
US Government banned Dahua OEMs for dozens of companies. The following directory includes 40+ of those companies with a graphic and links to...
Uniview OEM Directory on Sep 11, 2019
This directory lists 20+ companies that OEM products from Uniview, with a graphic and links to company websites below. It does not cover all...
3 Weeks Later, Honeywell Still Cannot Say Whether They Are Vulnerable To Dahua Wiretapping [Now Admits] on Aug 27, 2019
The Dahua wiretapping vulnerability and Dahua's decision to delay disclosing it until IPVM inquired underscored problems with cybersecurity and...
US Army Base To Buy Banned Honeywell Surveillance on Sep 17, 2019
The U.S. Army's Fort Gordon, home to their Cyber Center of Excellence, has issued a solicitation to purchase Honeywell products that are US...
Dahua New Critical Vulnerability 2019 on Sep 23, 2019
Dahua has quietly admitted 5 new vulnerabilities including 1 critical vulnerability with a 9.8 / 10.0 CVSS score and 2 high vulnerabilities (scored...
ONVIF Suspends Dahua and Hikvision on Oct 09, 2019
Dahua and Hikvision have been 'suspended', and effectively expelled, from ONVIF, immediately following US sanctions being placed on the 2 mega...
US Issues Criminal Charges Against Aventura For Fraudulently Selling Hikvision And Other China Products on Nov 07, 2019
The US government has made an unprecedented move on the video surveillance supply chain, charging a US company, Aventura for "having conspired with...

Most Recent Industry Reports

Hazardous & Explosion Proof Access Control Tutorial on Feb 27, 2020
Controlling access to hazardous environments requires equipment meeting specific ratings that certify they will not start fires or will not...
Motorola / Avigilon Drops ISC West on Feb 26, 2020
Motorola Solutions has pulled out of ISC West 2020 effective immediately, because of coronavirus concerns, IPVM has learned. This is done amidst...
Cancel or Not? Industry Split Over ISC West on Feb 26, 2020
The industry is split, polarized, over whether ISC West 2020 should run or be canceled. New IPVM survey results of 400+ respondents show heated...
Coronavirus Hits Sony, Bosch Says Switch on Feb 26, 2020
Sony's fall in video surveillance has been severe over the past decade. Now, they may be done. In this note, we examine Bosch's new...
Video Surveillance Cameras 101 on Feb 25, 2020
Cameras come in many shapes, sizes and specifications. This 101 examines the basics of cameras and features used in 2020. In this report, we...
Favorite Video Analytic Manufacturers 2020 on Feb 25, 2020
Video analytics is now as hot as ever, driven by the excitement of advancing deep learning offers. But what are actually integrator's...
Latest London Police Facial Recognition Suffers Serious Issues on Feb 24, 2020
On February 20, IPVM visited another live face rec deployment by London police, but this time the system was thwarted by technical problems and...
Masks Cause Major Facial Recognition Problems on Feb 24, 2020
Coronavirus is spurring an increase in the use of medical masks, which new IPVM test results show cause major problems for facial recognition...
Every VMS Will Become a VSaaS on Feb 21, 2020
VMS is ending. Soon every VMS will be a VSaaS. Competitive dynamics will be redrawn. What does this mean? VMS Historically...
Video Surveillance 101 Course - Last Chance on Feb 20, 2020
This is the last chance to join IPVM's first Video Surveillance 101 course, designed to help those new to the industry to quickly understand the...