Hikvision Rejects Responsibility for Hacked Hikvision Cameras

By John Honovich, Published May 10, 2016, 07:57am EDT

After a massive number of Hikvision cameras were hacked, Hikvision has added new, and questionable legal language, declaring that Hikvision will take no responsibility for hacked Hikvision cameras.

No Responsibility

The language is inserted in a legal disclaimer section included in Hikvision documentation such as user manuals and quick start guides in the box:

HIKVISION SHALL NOT TAKE ANY RESPONSIBILITES FOR ABNORMAL OPERATION, PRIVACY LEAKAGE OR OTHER DAMAGES RESULTING FROM CYBER ATTACK, HACKER ATTACK, VIRUS INSPECTION, OR OTHER INTERNET SECURITY RISKS

This language is not found in documentation prior to the hacks (such as the 5.2 user manual), but is now commonplace in the 5.3 and later documentation, that was released after the numerous hacking issues.

Extremely Uncommon

While product warranties have general liability limitations, it is quite uncommon for camera manufacturers to have explicit language excluding cyber security. Of course, this is even more significant given Hikvision's poor cyber security track record and Hikvision's industry worse cyber security rating from integrators.

Hikvision Chinese Government Ownership

Making this even more complicated, Hikvision is a Chinese state owned enterprise, run by the Chinese government / China communist party. Undoubtedly, the Chinese government is one of the best cyber hacking entities globally.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

It is, minimally, ironic, that an organization so strong at cyber hacking would seek to use the International legal system to protect itself from the consequences of their own products being hacked.

End User Risk

If you are an integrator supplying Hikvision or an end user with Hikvision products deployed, we urge you to consult with your attorney to understand the legal risk and ask Hikvision to remove this clause.

Not only is it uncommon but the process of how Hikvision has simply added it to product documentation is questionable (e.g., Are Hikvision products bought before 2015 covered by this? Is inserting a disclaimer in a manual legally binding?).

Buyer Truly Beware

As it is, if Hikvision makes another colossal mistake (e.g., copying malicious code from a bulletin board like they did in 2015) or if they allow Chinese government backdoors in their cameras, Hikvision buyers take all the risk.

And while Hikvision's super low prices are attractive, one needs to seriously factor in these risks.

8 reports cite this report:

Hikvision Responds To Cracked Security Codes on Aug 15, 2017
Hikvision has responded to IPVM's report on Hikvision's security code being...
US Army Bans Chinese DJI Drones on Aug 08, 2017
The US Army has issued a ban on Chinese-made DJI drones. A US Army memo...
Hikvision USA Head of Cybersecurity Exits on Jul 18, 2017
Hikvision USA's Head of Cybersecurity has exited the company. In this note,...
Morten Tor Nielsen Defends Hikvision on Jun 12, 2017
Morten Tor Nielsen, veteran software developer for Prescienta working for...
Hikvision Backdoor Confirmed on May 08, 2017
The US Department of Homeland Security's Industrial Control Systems Cyber...
Genetec Expels Hikvision on Nov 08, 2016
Genetec has removed support for Hikvision devices, deeming them...
Dahua Distributor Angered "Always Give Good News About Hikvision" on Aug 11, 2016
A Dahua distributor is angry that "IPVM always give good news about HIKvision...
US Government Entities Hard Spec Hikvision on May 26, 2016
The US and Chinese governments are working together. Now, US government...
Comments (150) : Members only. Login. or Join.
Loading Related Reports