US Embassy Requires Hikvision Cameras

Author: John Honovich, Published on Aug 29, 2016

The US Embassy in Kabul Afghanistan has required only Hikvision cameras in a new US federal government bid.


Quiz: See how well you know the relationship between Hikvision and the Chinese government with this 5 question quiz.

Bid Requirement Hikvision

The US federal bid calls for:

And only Hikvision will be accepted:

bids containing substitutions will be viewed as UNACCEPTABLE. If you are not able to deliver the line item as requested, DO NOT BID.

The cameras required are $100 - $150 commercial EXIR models:

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Those cameras are solid commercial offerings (see our Hikvision EXIR test results) common in small to medium sized businesses but, even without the Chinese government ownership, are a strange choice for the high standards of sole source justification for federal facilities.

But the US government has filed a request for that with no meaningful visible defense:

On the positive side for Hikvision, it is a great endorsement for them and their massively growing US sales and marketing organization to get locked in to US federal installations. 

On the other hand, it is a risk for the US government to be deploying Chinese government controlled surveillance cameras into high security federal facilities.

UPDATE Nov 2016

The State Department has cancelled this procurement and removed Hikvision cameras from this US embassy.

Vote - What Do You Think?

Second Poll (Updated)

By member request, here is a new second poll:

3 reports cite this report:

Hikvision Discontinuing Online Service on Dec 12, 2016
Hikvision has declared it will discontinue its Hikvision online service, just days after IPVM's Hikvision Cloud Security Vulnerability...
Hikvision Removed From US Embassy on Nov 22, 2016
Hikvision cameras have been removed from the US Embassy Afghanistan and a procurement for more Hikvision cameras has been cancelled, after IPVM's...
Pelco Matrix End Of Life - End Of An Era on Oct 20, 2016
Pelco Matrix switchers, once the pinnacle of large SD analog installations, are now literally impossible to build. The Matrix products were not...

Comments (69)

Only IPVM PRO Members may comment. Login or Join.

What happened to the Buy America Act? I worked for State Department agencies for 9 years back in the late 80's and 90's. Back then Burle was the standard. Then the migrated to all Panasonic. It is a lucrative market when you start talking about maintenance and support. Things must have changed be we would get chastised for mentioning anything that was not US made. I also used to work with supplying armored vehicles for overseas posts and their weren't a lot of companies doing that work in the US back in those days even though BMW and Mercedes made great armored cars.

Which BAA - there are two of them. The one signed in 1933 would most likely apply to this procurement, however, there are quick opt-outs that can be applied (In certain government procurements, the requirement purchase may be waived by the Contracting Officer or the Head of the Contracting Activity (HCA) if the domestic product is 25% or more expensive than an identical foreign-sourced product, if the product is not available domestically in sufficient quantity or quality, or if doing so is in the public interest.)

The BAA of 1983 is on US Federal Projects (in country) using Federal $$$ for infrastructure and is managed by the Department of Transportation.

All you need is a creative writer who can craft a justifiable reason for using the non-US made product. In this case, I would say that the 25% rule (expense wise) applies.

All that to say, I think that the use of a Chinese Government product by a sensitive US government entity is a bad idea. The real problem is - where are the US camera manufacturers? Are they here - advocating for their needs - providing product that can be substituted with the HikVision product and secondarily (and possibly more important) - WHY is our government not going after the Chinese Government with WTO on their massive subsidizing of this industry ...

Maybe the guys in the movie War Dogs could organise the bids.

What do you expect from the Department of State?

It makes me wonder if the Senate or House Appropriations or Armed Services Committees might not fall out of their seats if aware of this? I support the "Buy American whenever possible" preference but in video, especially cameras it's extremely difficult to do. Given revelations of the nations most active in state sponsored hacks and back doors it has to give one pause.

Just shows the value they out in security. Kabul is a pretty safe place right...

Time for some whistleblowing.

My friend's uncle is a US diplomat... Time to make a call.

"Hikvision Achieves Risk Management Framework Certification from U.S. Army"

It means nothing to some members?

Normally I would argue the likelihood of a video data feed being viewed by foreign nationals and anything remotely actionable being discovered is slightly more than zero.

Not zero though, because of cases like this. Embassies are havens for in-country intelligence operations. Just access to the faces and times and groupings of visitors would no doubt be of substantial value to other governments.

Nobody likes a $700 hammer, but in cases like this I think we shouldn't mind paying more.

Its worth it.

I just pray that the system is on its own, completely separate, network. If it isn't, the video feeds are the least of my concern.

The presidential library is projected to cost 1Bil for starters...chump change for those donating...

Makes me a tad nervous to use Hikvision knowing the involvement that the Chinese government has with Hikvision.

And now for everyone else to connect the dots.

Given all the Chinese funding and R&D, you know that the HIK firmware is riddled with back doors. I mean, put it together: 1) if the NSA can do it with Cisco, Dell and so many other makers; 2) the NSA tools just got taken by someone, perhaps Russia, and 3) the Russians, Chinese, Iranians and others are all aligning, then: 4) the US might as well just open up the ports, default the passwords, and let serve as the State Dept's global VMS. Jeeez.

"..let serve as the State Dept's global VMS"

That was funny :)

...their massively growing US sales and marketing organization to get locked in to US federal installations.

And throw away the key ;)

I keep waiting for HikVision to announce Eric Snowden as their Pitchman...

I keep waiting for HikVision to announce Eric Snowden as their Pitchman...

Or his brother ;)

Please contact me when you do an Embassy job and they give you a "static IP" or port for your outside connection.

What is reason for the applicant's sole source justification?

According to the document you linked to above, Mr. Stephen Cunningham signed off on this request to use 'Other Than Full And Open Competition' - and he gave his reasoning as follows:

The cameras are being used to monitor the inside of network closets and server rooms as part of a security/accountability measure.

The 'Information Technology Local Change Control Board at Post' (whomever they are) is the 'agency' mandating the use of this particular brand and model camera. This 'agency's' claim is that they can only ensure the security of their networks by standardizing their configuration guidelines - which requires using this one brand and model camera - and even state outright: "If another brand were to be used, we would not be able to ensure the same level of security."

Further, Mr. Cunningham cites FAR 6.302-1 - "Only one responsible source and no other supplies or services will satisfy Agency requirements" - as his sole source justification.

So the IT boys like that camera, can install and configure that camera - so there is a need for 'other than full and open competition?

Finally, Executive Order 12958 (which deals with identifying and protecting classified information) cited following Mr. Cunningham's signature is no longer in effect - and has been superseded by 2 other Executive Orders. Obamas EO13526 is current.

Video surveillance from a foreign embassy will most certainly be classified information.

So Americans will never get to see it.... unless they go to work for the Chinese government maybe? :)

Hikvision coming to a NSA, CIA, MI6 or MI5 near you.. lol

Something to think about in regard to Foreign Manufactures introducing products to the US Federal Government market is how it fits into Information Assurance (IA). IA has effectively killed numerous products from entering service in the US DOJ/DoD. I guarantee that the HikVision products are not IA compliant (

In anycase - this is going to continue to be an issue until the Federal Government controls it's FCO and ensures that they are following procurement code and executive orders.

HEY - I got no problem with this IF they open up ALL of their markets (including the Chinese Government's own institutions as a market we can directly sell to without restriction). That will never happen - guaranteed.

This should be leaked to the mainstream media.

That moment you see John Honovich on Fox News...

Remember, John... Don't say "um."

There's an interesting read here and here. The government corporation that "owns" a large portion of Hikvision has been tasked to develop software to track and predict terrorism. Seems like a botnet of NVRs with ample data would help. Possibly relevant? Worth investigating? Not sure... not a fan of conspiracy theories though I may have just opened this one.


Has anyone ever performed a penetration test against Hikvision cameras, NVRs, and DVRs the same as was performed on Axis recently? It seems that it is unlikely there is a backdoor, but I would think someone must have tested it at some point by now. It would be nice to put this to rest rather than speculate.

It's funny that the vote has been carefully designed, you have added an "only" to the question so that the answer is “No”.

If the question is "Should US Embassy require Hikvision cameras (to protect their safety)" ? then the answer is most likely to be "yes".

I also don't agree that US Embassy should only buy Hikvision cameras, they should buy whatever that is good to protect their safety, and politically correct. if they have lot of fund, then they can buy whatever best products, but at Afghanistan, other US brands are probably either too difficult to buy, or too expensive to provide a service.

Question: Is it legal for US government to buy Hikvision product ? Is it more because of political reasons or just because of the product is insecure ?

Question: Is it in the National Security interests of the US government to buy Hikvision and Chinese government product ?

3, I added a variant of your question as a poll:

you have added an "only" to the question

That reflects the fact of what is happening here. The US Embassy requires only Hikvision cameras. LTS, Dahua, Arecont, Axis, Samsung, etc. etc., no one else is allowed.

Is it legal for US government to buy Hikvision product ?

The question is being raised of whether Hikvision meets Buy America requirements which are common for such federal purchasing programs. We are looking into that.

Hikvison is great for residential but for the Embassy!? No. If they have any smarts they would choose avigilon.

Hikvison is great for residential but for the Embassy...

Suites, maybe.

Do you mean Securities or security? What camera manufacturer is actually making their cameras in the states? I'm not any happier about the cameras coming down so much in cost but if they set up shop here they're making an investment in US workers I am not concerned anymore about security of the camera and the Chinese monitoring it then I am about any other device on the network. I'd be less concerned about them spying through government firewalls then I would be about the consumer buying them installing them in their house. That all being said I'm still upset that the United States cannot buy product more relevant to here in the US but you can't fault his HikVision because of our stupidity. It's time to find a new Avenue to combat this low-cost manufacturer after all most Americans still walk into Walmart and buy an American flag that's made in China.

I was really surprised about the second vote result.

Do you really think that deploying Dahua, Hikvision, "Anyvision" cameras/NVRs are security risk? Why?

Anybody heard about network monitoring? About firewall, VPN, etc?

Securing security nowdays is much more about information security, than "what kind of camera you are using".

I agree with you 100%. If the truth was know I would bet that 99% of the HikVision detractors are competitors.



99% of the HikVision detractors are competitors.

And their supporters like you? ;)

There's no doubt that most Hikvision detractors are competitors just like most Hikvision supporters are partners.

Ultimately, we should be striving to find facts and real evidence.

To that end, and as those of you who read IPVM regularly know, I think the cybersecurity concern is much less important than the economic strategy that Hikvision / Chinese government is taking.


You think your networks are secure from snooping by interested governments?

Dream on...

...99% of the HikVision detractors are competitors...

80% of 132 = 105.

1% of 105 = 1

Don't I feel special.


Ok, but please remove the comma, it's grammatically incorrect,.

Not a competitor - consumer and installer.

Can you provide the link to the US Government bid referenced above?

17, this is the original link but for some reason Monday morning it was no longer publicly available. We had already downloaded the attached reports (which are the links / screenshots you see in the article).

I was mainly interested in reading / seeing the original government solicitation request. Odd the link doesn't work any more.

Just thought I would try one more time, and hopefully it comes out the woodwork...or someone knows where to look....but does anyone have a copy of the original government solicitation request?

Maybe it's squirrelled away on the the website....

I have an old Upper Deck Ken Griffey Jr rookie card I could trade you...OBO.

I was searching for non-IPVM information on Hikvision and Afghanistan, and found that Hikvision's Afghan partner is a company called Tesla Engineering Services Co. - presumably NOT related to Tesla Motors in the US.

No idea whether this company would be used by the US Embassy, or if a US company would be brought in to perform the installation.

Honestly, I think this is shameful and I would never have believed it would ever happen. There is only one logical explanation...someone is getting greased in the process. We already know that that sort of thing is not beyond the Chinese government in any way, and sadly, our own government.

There is only one logical explanation...someone is getting greased in the process.

I have no idea why Hikvision was selected but I think their is a more banal likely explanation. They needed some cameras, they asked around, got some positive feedback on Hikvision, saw the price was so low, widely available, selected it.

That's based (1) on my experience dealing with government purchasing and (2) that greasing is typically connected to very expensive items (to include the greasing) rather than super cheap ones.

Possibly. I guess if we see more of this around the world and in our own country, then we know it's not just about 1 embassy. If we do see more Hik-only RFP's from our own fed, then I would say that said greasing is entirely realistic. We already know it's entirely possible.

If we do see more Hik-only RFP's from our own fed, then I would say that said greasing is entirely realistic.

I am sure there will be many more and with Hikvision ramping up its enterprise sales team that will accelerate it further.

I don't think greasing is the most sensible tactic. Better to just drop prices, like they are doing. So many of these bids are structured for low bid, and Hikvision excels at that.

As Edward mentions, I do think as Hikvision becomes better known other factors and concerns will block it but the super low price / super sized sales team combo is a good approach to government work.

I think you have the most salient of responses here. As with any procurement, price is critical (moving forward). I think the FCO hasn't done their research on IA compliant and BAA requirements and is taking the path of least resistance. In any case, this will continue until it they are confronted with both the risk and violation of CFR. This really is a violation of the CFR - specifically IA compliance for sensitive sites, data encryption, and foreign purchase. China is not on the most favored list of countries you are allowed to buy from - in fact, they are specifically not listed for good reason.

Hey, I'm with you but how are they able to get diacap certification do you think?

DiaCap was dropped March of 2015

Great question - IA is pretty rigorous. Most European / SE Asian products don't meet IA Compliance. The real issue is the list of TAA (Trade Agreement Act) countries where BAA is designated. China is NOT on that list. So, even if they achieved diacap certification, they still don't pass muster with BAA. Sometimes, however, I think we have so many regulations on products that countermand each other and make navigating this very complicated. All I have to say is - Follow the Rules (BAA is listed in the procurement as applicable and so, therefore, is TAA Countries).

Though the BAA only applies to purchases over $3,000, right?

30 x 100 = ?

What are the odds of that?

Should make you wonder why Chinese Companies are donating to Terry Mcauliffe And the Clinton Foundation, obvious Pay for Play.

I recently sent an email to the procurement officer on a "complimentary" purchase that was listed in this thread and designated as HikVision. Here is my request and their response.


I'm inquiring about this procurement as you state that this is a HikVision or equivalent product. Are you aware that your request (without valid justification - other than cost) is a complete violation of the BAA act that you say applies to this procurement. I would believe that you are violating the BAA in addition to the fact that the HikVision product is produced by a company that is partially owned by the communist government of china. This is clearly not a friendly country to the US and is not on the approved list of countries from which the Federal Government may procure products. In addition, I believe that this product will not pass IA compliance.

Please consider pulling this procurement and specifying VALID products that are IA compliant and are considered approved under BAA.

: Response :

Thank you for inquiring about subject solicitation. After considerable research, I can assure you that we are not violating the Buy American Act.

DFARS 225.1101(2)(i) - directs me to use the DFARS 252.225-7001, Buy American and Balance of Payments Program clause for acquisition of commercial items (FAR Part 12)

DFARS 252.225-7001(b) states, This clause implements 41 U.S.C chapter 83, Buy American. In accordance with 41 U.S.C. 1907, the component test of the Buy American statute is waived for an end product that is a COTS item (see section 12.505(a)(1) of the Federal Acquisition Regulation). Unless otherwise specified, this clause applies to all line items in the contract.

DFARS 252.225-7001 defines COTS as "Commercially available off-the-shelf (COTS) item"-

(i) Means any item of supply (including construction material) that is-

(A) A commercial item (as defined in paragraph (1) of the definition of "commercial item" in section 2.101 of the Federal Acquisition Regulation);

(B) Sold in substantial quantities in the commercial marketplace; and

(C) Offered to the Government, under a contract or subcontract at any tier, without modification, in the same form in which it is sold in the commercial marketplace; and

(ii) Does not include bulk cargo, as defined in 46 U.S.C. 40102(4), such as agricultural products and petroleum products.

FAR 12.505 Applicability of Certain Laws to Contracts for the Acquisition of COTS Items

COTS items are a subset of commercial items. Therefore, any laws listed in sections 12.503 and 12.504 are also inapplicable or modified in their applicability to contracts or subcontracts for the acquisition of COTS items. In addition, the following laws are not applicable to contracts for the acquisition of COTS items;

(a)(1) The portion of 41 U.S.C. 8302(a)(1) that reads "substantially all from articles, materials, or supplies mined, produced, or manufactured in the United States," Buy American--Supplies, component test (see 52.225-1 and 52.225-3).

FAR 52.225-1(b) 41 U.S.C. chapter 83, Buy American, provides a preference for domestic end products for supplies acquired for use in the United States. In accordance with 41 U.S.C. 1907, the component test of the Buy American statute is waived for an end product that is a COTS item (See 12.505(a)(1)).

These camera systems will never be connected to any outside or Air Force LAN.

Thank you again

The last line got me all hot and bothered - how are they going to ensure that this never gets connected to any outside or Airforce LAN .... how would you answer this?

NOTICE: This comment has been moved to its own discussion: Does Hikvision Violate The Buy American Act?

Much of this is a result of the Benghazi Accountability Review Board (ARB) and our government not funding an initiative. The ARB required high definition surveillance cameras at high risk facilities be upgraded, but across the board funding was slashed drastically. Before this embassy they'd been using analog but have been pushed to go to IP much quicker than they'd like, as analog product is becoming less available. Reality of this is that the federal employees that are making these decisions have experience with analog but are still learning network cameras. For many of us, when we transitioned from analog to IP, we didn't fully grasp the differences...analog is inherently a closed system...IP never will be. I think that is where DOS is now.

Don't know if somebody already saw this and posted it, but it's confusing and hilarious:

Honovich is in charge of the blog, "To Inform is to Influence?"

Honovich is in charge of the blog, "To Inform is to Influence?"

He's got another blog on the side?!

John, are you two-timing us?


The 'To Inform Is to Influence' blog stole our article. I have filed a DMCA request to have Wordpress remove it.

I have filed a DMCA request to have Wordpress remove it.

In the true spirit of "Informing to Influence".

If the brief is simply to watch wiring closets wouldn't a secure solution be to simply use 3MP TVI cameras on a closed coax network with no outside network connection whatsoever. Then all they have to do is make sure no one knocks on the door that they don't know....simple no nasty red's under the bed problems.

Unless the Hilkvision cameras have hidden satellite uploading hardware built in to them that no one knows about. (cue spooky soundtrack)

With monitoring/playback only at the DVR?

Or does the TVI DVR have network access?

Yes monitor only connected at the DVR and no network connected to the LAN port. Surely no one needs to actually be monitoring cameras looking at wiring closets remotely.

Update: to those of you who protested, the State Department has addressed this: Hikvision Removed From US Embassy

Related Reports

Deceptive ASIS Attendance on Oct 06, 2017
ASIS is being deceptive with its conference reporting, effectively inflating the event's real actual attendance. What they try, but struggle to...
'Clowns' Allege Ubiquiti 'Completely Fraudulent' on Sep 20, 2017
A short seller has alleged Ubiquiti is 'completely fraudulent'. Ubiquiti's CEO has responded calling them 'clowns'. Here is the short...
Avigilon Touting 'Made In America' on Sep 18, 2017
Canadian manufacturer Avigilon, who completed a US manufacturing facility in 2015, is now running a marketing campaign touting 'Made In America',...
Cloud Guy Prints Book, Misses Irony on Sep 15, 2017
On-premise security systems are dead. But $75 print books are alive and well. Such are the lessons from Brivo's CEO new book "The Five...
Dahua USA President Out, South American President Takes Over on Sep 11, 2017
Dahua's South American President has taken over Dahua North America as well. This is Dahua's third North American head in 2017. Will this one...
The 3 Most Outstanding Security Manufacturers (OSPAs) Make No Sense on Sep 08, 2017
The Outstanding Security Manufacturer finalists (US edition) are here: And if you are wondering, "How did those 3 get chosen?" then you are...
Hikvision Happy With Bad Security Unless Hit With Bad Press on Aug 28, 2017
Hikvision is happy to have bad cyber security unless they are hit with bad press, as we detail inside. When you look at the pattern of their...
‘Experts' Fail On Dumbo IP Camera ‘Hack' on Aug 24, 2017
Dumbo, revealed by Wikileaks, has become big news. Unfortunately, 'experts' in the security industry have gotten it wrong, incorrectly contending...
China Threatens Reducing Exports to the USA on Aug 23, 2017
The US government has launched a probe into China's alleged theft of US intellectual property. The Chinese government has fired back, threatening...
US Army Bans Chinese DJI Drones on Aug 08, 2017
The US Army has issued a ban on Chinese-made DJI drones. A US Army memo obtained by sUAS News references a classified document from the Army...

Most Recent Industry Reports

Cisco Falling - Favorite Network Switches 2017 on Oct 20, 2017
1 major manufacturer fell and 1 outsider manufacturer gained as integrator favorites for network switches from more than 140 votes / explanations...
Uniview Recorder Backdoor Examined on Oct 20, 2017
A Chinese research group has identified a vulnerability in Uniview recorders that allows backdoor access in a method similar to the Dahua...
Hikvision Access Control Tested on Oct 19, 2017
Hikvision aggressive pricing and marketing combined with generally reliable hardware and free software has made them a major player in video...
Verkada, Silicon Valley VSaaS Startup, Targets Enterprise on Oct 19, 2017
Verkada says they are building an enterprise-class VSaaS offering, calling it "The new platform for video security". This is a departure from the...
Exacq Unbreaks Avigilon Integration on Oct 18, 2017
For nearly 4 years, Exacq had broken and effectively blocked use with Avigilon cameras, as IPVM reported in January 2014. Now, Exacq has...
Search More Important Than Live Monitoring - Statistics on Oct 18, 2017
Search is overall more important than live monitoring to integrators, according to new IPVM statistics.  The key themes found in integrator...
Axis 'Sold Out' P3707-PVE Multi-Imager Tested on Oct 18, 2017
Axis faced significant product shortages over the summer. Perhaps the most notorious and significantly sold out model was the Axis P3707-PE 8MP...
Dahua Removes Auto Rebooting on Oct 17, 2017
For years, Dahua has automatically programmed its IP cameras to reboot weekly, a highly atypical and questionable practice. Following IPVM...
Deep Learning Tutorial For Video Surveillance on Oct 17, 2017
Deep learning is a growing buzzword within physical security and video surveillance. But what is 'deep learning'? In this tutorial, we explain...
Multipoint Lock Access Control Tutorial on Oct 17, 2017
Doors are notoriously weak at stopping entry, and money can be misspent on wrong locks that leave doors quite vulnerable. While closed and locked...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact