Army Rips Out Chinese-Made Surveillance Cameras

SantiagoDraco

Getting the hang of it
Joined
Dec 8, 2017
Messages
130
Reaction score
51
For most consumers they'd have no clue how to detect data leakage. For network pros sure it would be easy. That said we're talking about military installations here... I'd not want potential adversaries devices viewing our bases either.
 

UberFly

n3wb
Joined
Dec 20, 2017
Messages
4
Reaction score
0
It just strikes me that if a large company like hikvision was selling compromised devices, it would only be a matter of time before it was discovered and their market share would drastically plummet. No one would ever trust them again. Can't see them risking it.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
It just strikes me that if a large company like hikvision was selling compromised devices, it would only be a matter of time before it was discovered and their market share would drastically plummet. No one would ever trust them again. Can't see them risking it.
They have already been selling compromised devices and no one cares...they just claim it was an accidental back door.....now, these devices should be isolated on networks but they are simply using extreme caution...
 

Myllerman

Getting the hang of it
Joined
Apr 16, 2016
Messages
143
Reaction score
24
For most consumers they'd have no clue how to detect data leakage. For network pros sure it would be easy. That said we're talking about military installations here... I'd not want potential adversaries devices viewing our bases either.
I agree, its not that big of a deal if someone could see my backyard in my camera but a military base is another matter for sure. I would not either take the risk of a potential backdoor that could be dorment for years until some conflict or somthing.
 

SantiagoDraco

Getting the hang of it
Joined
Dec 8, 2017
Messages
130
Reaction score
51
It just strikes me that if a large company like hikvision was selling compromised devices, it would only be a matter of time before it was discovered and their market share would drastically plummet. No one would ever trust them again. Can't see them risking it.
Being smart about security is as much about responding to threats as it is reducing the possibility of a threat. We don't know what we don't know. Also remember that this is China we are talking about. The government controls everything to some extent or another. Companies don't have the protections we do here. Not that we are perfect :) If the Chinese government wanted Hikvision, or Dahua, to implement back doors they would probably have no choice. I imagine the same might apply in the US as well however I would hope it's less an issue of coercion and threat than agreement and cooperation.

In any case the best prevention is to assure you have no risk in the first place. I've watched the transformation of the military from proprietary systems to COTS over the years and my biggest concern is the risk this introduces as in a COTS system it's impossible for the government to control the design and manufacturing process completely enough to have a high level of assurance that there are no backdoors.
 

yakky

n3wb
Joined
Dec 30, 2017
Messages
21
Reaction score
3
For most consumers they'd have no clue how to detect data leakage. For network pros sure it would be easy. That said we're talking about military installations here... I'd not want potential adversaries devices viewing our bases either.
Dunno, you could certainly leak a very low res stills in something like an update query to the mothership or a time sync. So many possibilities that look innocuous.
 

UberFly

n3wb
Joined
Dec 20, 2017
Messages
4
Reaction score
0
How is the firmware updated on hikvision cams? If the cameras themselves are denied outbound access, would that stop a threat if it was there? Only the monitoring software is accessible throught vpn etc? I've wondered about all cams not just hikvision because they're all made over there. Sorry, I'm still learning...
 

SantiagoDraco

Getting the hang of it
Joined
Dec 8, 2017
Messages
130
Reaction score
51
Dunno, you could certainly leak a very low res stills in something like an update query to the mothership or a time sync. So many possibilities that look innocuous.
Certainly you could do things to prevent a leak... but is there a chance that something might happen to allow a leak to occur anyway? A firewall change that shouldn't have happened. A phishing attack that drops a piece of middlewhere somewhere that allows video to leak out. For the normal joe it's probably not a big risk but for the military the question becomes why take the risk at all?
 

yakky

n3wb
Joined
Dec 30, 2017
Messages
21
Reaction score
3
Certainly you could do things to prevent a leak... but is there a chance that something might happen to allow a leak to occur anyway? A firewall change that shouldn't have happened. A phishing attack that drops a piece of middlewhere somewhere that allows video to leak out. For the normal joe it's probably not a big risk but for the military the question becomes why take the risk at all?
The viewer software could itself be the middleware for network access.
 
Top