Chinese Company Xiongmai Threatens Legal Action Against Western Accusers

Author: Brian Karas, Published on Oct 24, 2016

The Chinese video surveillance manufacturer, Xiongmai, whose equipment numerous sources blame for driving massive Internet attacks over the past month has fired back, defending itself against allegations. Moreover, they have involved the Chinese government's Ministry of Justice threatening legal action against those defaming them.

'Allegations'

Various publications have cited Xiongmai's products as being used in these cyber attacks.

Cybersecurity journalist Brian Krebs, one of the first Mirai victims, called out Xiongmai:

These products from XiongMai ... will remain a danger to others unless and until they are completely unplugged from the Internet.

Security research firm Flashpoint linked XiongMai to the Mirai botnets:

a very large percentage of these IP involved in the DDoS attacks were hosting XiongMai Technologies-based products.

ComputerWorld claims that XiongMai has taken direct responsibility:

Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

Xiongmai Threat

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

However, XiongMai is now fighting back. Working with the Chinese Ministry of Justice, they are attacking 'false statements' and threatening legal action in a Oct 24 social media posting.

[Update Oct 25: Xiongmai has added the same report to their Chinese language website.]

Xiongmai / Ministry of Justice denied responsibility:

XiongMai's products for embedded closed system, the product can not be manipulated by criminals.

Xiongmai / Ministry of Justice blamed users:

The event hackers control products is the use of users do not change the initial password accustomed to the operation

Finally, they threatened legal action against those who 'falsely' claim they are fault:

Organizations or individuals false statements, defame our goodwill behavior ... through legal channels to pursue full legal responsibility for all violations of people, to pursue our legal rights are reserved. 

Why XiongMai Is Widely Unknown Even Within the Industry

Xiongmai does not sell nor market under its own brand. Rather, it OEMs / supplies to hundreds of 'manufacturers' / companies who incorporate their components / modules into their own products.

However, Xiongmai is one of the largest suppliers in the global video surveillance market. Sources within the China video surveillance industry indicate that, via their OEMs / customers, they are the 3rd largest video surveillance provider, behind Hikvision and Dahua.

Dahua Involvement

Dahua, the #2 China video surveillance manufacturer, has been at the center of the Mirai botnet attacks as well, and while they have not threatened legal action, they have also been defensive. Brian Kreb's called Dahua duplicituous and our analysis found that Dahua was deceitful in their response.  

Hikvision Not Involved

The largest China video surveillance manufacturer, Chinese government owned Hikvision, has not been accused of being involved in the Mirai botnet attacks, which is certainly very good news for them, considering their leading Chinese rivals have been. Of course, Hikvision products suffered major hacking attacks in 2015.

Legal Threat Impact Very Low

We believe Xiongmai has issued this announcement as a PR effort within China, to help counter criticisms they are facing. We do not believe that Xiongmai or the Ministry of Justice is seriously going to sue any Western companies as this is a typical tactic to save face. 

Chinese Video Surveillance Market Impact

Over the past 5 years, Chinese video surveillance manufacturer's share of the global video surveillance market has surged. Between the security flaws of products from Xiongmai and Dahua and Hikvision being owned by the Chinese government, this has created extreme concerns about the impact of Chinese video surveillance products.

4 reports cite this report:

Top ISC West 2017 Booth Moves on Jan 16, 2017
There are significant moves among many major manufacturers on the ISC West show floor, and very few prime spaces left unoccupied. In this report we...
XiongMai Master Password List Emailed By Chinese Spammer on Dec 05, 2016
XiongMai created an international uproar as their devices drove massive botnet attacks of major Internet sites. After pledging to recall cameras...
Hackers Battle For 3 Million Strong Mirai Botnet on Nov 28, 2016
Mirai-infected devices have become so large and so prevalent that multiple hackers are now fighting each other to control these devices. This...
Now Knocking A Country Offline - The Video Surveillance Driven Botnet Wreaks Havok on Nov 03, 2016
The video surveillance driven botnet is now attacking an entire country. The Mirai malware that took advantage of poor security in Xiongmai, Dahua...
Comments (36): PRO Members only. Login. or Join.

Related Reports

Amazon Sales of Hikvision China Cameras on Jan 12, 2017
Hikvision has become widely available in the US, including on popular retail outlets like Amazon, with over 2,600 results: 4MP Hikvision outdoor...
Hikvision New R&D Base To Create 10,000+ Jobs, Says Chinese Government on Jan 10, 2017
Hikvision has secured a major new China government partnership.  In this note, we examine the official statement from the Chinese government and...
How Axis Can Beat Hikvision on Jan 09, 2017
Hikvision has rocked the industry globally, bullying former video surveillance revenue leader Axis even in the Western world. What can Axis...
Hikvision Sales and Support Conflict Over Discontinuation on Dec 28, 2016
Numerous Hikvision technical support employees have confirmed that the iVMS-4500 will be discontinued. Some Hikvision sales people say this is...
China Government Funds $100 Million South American Security / Surveillance Project on Dec 27, 2016
Chinese manufacturers stand to benefit from new funding that the Chinese government is giving to a South American country for a $100+ million...
The Future of Video Surveillance Distribution on Dec 22, 2016
40+ video surveillance distributors around the world told us what they see as the present and future of distribution. The key positive: solutions....
Hikvision False 'Made In USA', Sold to US Government on Dec 20, 2016
A China State Owned Company, Hikvision products are listed as "Made In United States of America" and for sale to US government agencies, despite...
Yes, Milestone, The Glory Days Are Over on Dec 20, 2016
Milestone challenges: Are the glory days over? Or are we in a position as a Community to defy these ominous predictions and define the future...
2017 Video Surveillance Predictions on Dec 15, 2016
2017 should be an active, if not rocky, year for the security industry, according to predictions from IPVM integrators. We surveyed integrators,...
Hikvision Discontinuing Online Service on Dec 12, 2016
Hikvision has declared it will discontinue its Hikvision online service, just days after IPVM's Hikvision Cloud Security Vulnerability...

Most Recent Industry Reports

Vivotek Favorability Results on Jan 20, 2017
Financially, Vivotek is doing relatively well. The company did ~$130 million in 2015 revenue and 2016 revenue (through Q3 reported) was up more...
PR Firm Pleads Don't Scrap PR Spending on Jan 20, 2017
PR is not dying, warns pleads PR firm. Take 40+ year old industry PR firm LRG, who recently lamented the 'misconceptions' that: Traditional PR...
Getting Started With Your IPVM Membership on Jan 20, 2017
Here's how to get started and get the most out of your IPVM membership. Books for Members All members can download the 3 member-only books below...
Jim Cramer Sucks Up To Knightscope on Jan 19, 2017
Credit must be given to Knightscope. They are raising money right now and despite their $80 million pre-money valuation against a lowly sub $1...
ADT Launches Canopy - Professional Monitoring For DIY Devices on Jan 19, 2017
The intrusion industry has criticized DIY security systems for years, claiming systems like Canary or Scout cannot match professionally installed...
Dahua UnFavorability Results on Jan 19, 2017
Dahua, the mega-Chinese surveillance manufacturer not primarily owned by the Chinese government has been trying to break out of the shadow of...
Paxton Hosted Access - Disruptive Low Dealer Pricing on Jan 19, 2017
Paxton is entering the hosted access game, with BLU, at a cost that is a fraction of key competitors. The different approach could be very...
Geovision Launches Direct Cloud Offering on Jan 18, 2017
Add cloud, subtract integrator. Geovision has launched myGVcloud, an offering that allows consumers to buy cameras and cloud services directly...
Anixter / Bosch Sells Direct to Amazon on Jan 18, 2017
Anixter regularly says they do not sell direct to end users or that they do not do it anymore. However, over the past year, Anixter has sold Bosch...
Smart Power Tools For Security Installs on Jan 18, 2017
Installing a smart camera? Perhaps you should use a 'smart' drill. The intelligent appliance / IoT trend has hit power tools. In this note, we...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact