Category Archives: Home and Business Security

Why Are These Security Cameras Being Banned?

[et_pb_section fb_built=”1″ _builder_version=”3.0.47″ custom_padding=”17px|0px|29px|0px|false|false”][et_pb_row custom_padding=”17px|0px|13px|0px|false|false” _builder_version=”3.0.48″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.0.47″][et_pb_text _builder_version=”3.21.4″]

Cameras from the companies Dahua and Hikvision are commonly used surveillance cameras in the United States. They’re found everywhere from government buildings and corner stores to office buildings, and they’re popular for their ability to produce sharp images even in conditions of almost total darkness.

 

So why are they being banned? And how can you properly secure your own business without risking unwanted Chinese interference?

 

The H.R. 5515 Bill

Back in August 2018, the 2019 National Defense Authorization Act (NDAA) was signed into law, which included part of H.R. 5515, a bill that banned governmental use of surveillance cameras produced by Dahua and Hikvision.

 

The Dahua and Hikvision Cameras were banned citing “risky technology” that was “linked to the Chinese Communist Party’s intelligence apparatus”.

In other words, the government is concerned that cameras from the two brands were being used to collect sensitive information about both public and government systems and locations. As reported by Bloomberg, a secret backdoor channel was found in certain Dahua cameras in 2017, and many other cameras from the company reportedly contain the exact same backdoor.

 

New Laws Moving Foward

The new law bans the use of Dahua and Hikvision Cameras for government-funded contracts, use in national security contexts, and installation at critical infrastructure. The law will go into effect in August 2019, although in reality many companies have already cut ties from these potentially dangerous devices. 

 

The law may even have an impact far beyond the borders of the United States, as the US frequently provides cameras from both Hikvision and Dahua to other countries for use in their security systems.

Yet the United States isn’t the only country to act on its misgivings about cameras from Dahua and Hikivision. In September of last year, the Australian Strategic Policy Institute expressed its distrust of the security cameras, stating that “having these sorts of cameras in secure facilities just doesn’t make any sense.” Around the same time, Austrialia’s ABC news reported that the cameras were likely being used to conduct spying operations within Australia.

 

What Happens Now to Dahua and Hikvision?

Currently, Hikvision and Dahua maintain offices in North America, and as recently as April the companies showed off their cloud-based video products at a major security industry tradeshow, ISC West.

According to Bloomberg, the ban has already substantially cut sales of Hikvision products in the US. While the law only applies to government and government-contracted installations and systems, public companies are also wary of using the devices. It remains to be seen how the ban of their cameras will affect the willingness of public companies to do business with them moving forward.

Choosing a Better Security Camera System

Your best bet? Choose a security camera and surveillance brand that offers reliable, trusted security. 

If you already have Hikvision or Dahua cameras installed throughout your enterprise, we recommend taking the following steps to review security and identify potential risks:

  • Conduct a full audit to determine your use of Hikvision and Dahua cameras
  • Consider how much a wider ban of Hikvision and Dahua cameras would impact your operations, including the cost and downtime of replacing all these devices
  • Analyze the IT budget to determine whether moving to a different provider is feasible over either the short and longer term

If your enterprise hasn’t yet implemented your video surveillance system, it’s not too late to make the right choices.

  • Look for vendors that are neither based in China nor manufacture in the nation
  • Look for vendors that place a large priority on cybersecurity including:
    1. End-to-End encryption of footage in transit and at rest
    2. Architecting cameras that only send outbound protocols
    3. Auto-updating software and firmware regularly

For a more in-depth breakdown of how to maximize your video surveillance security, click here to read the free Totality Solutions ebook “How Secure is your Video Surveillance.”


Sources:

https://ipvm.com/reports/us-house-5515

https://ipvm.com/reports/ban-law

 

[/et_pb_text][et_pb_button button_url=”https://totalitysolutions.org/services/cctv/verkada-security-cameras/webinars/” button_text=”Free Webinar: Intro to Cloud Security” button_alignment=”center” _builder_version=”3.19.11″ custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#6eba01″ button_border_color=”#6eba01″ button_text_color_hover=”#6eba01″ button_text_size__hover_enabled=”off” button_one_text_size__hover_enabled=”off” button_two_text_size__hover_enabled=”off” button_text_color__hover_enabled=”on” button_text_color__hover=”#6eba01″ button_one_text_color__hover_enabled=”off” button_two_text_color__hover_enabled=”off” button_border_width__hover_enabled=”off” button_one_border_width__hover_enabled=”off” button_two_border_width__hover_enabled=”off” button_border_color__hover_enabled=”off” button_one_border_color__hover_enabled=”off” button_two_border_color__hover_enabled=”off” button_border_radius__hover_enabled=”off” button_one_border_radius__hover_enabled=”off” button_two_border_radius__hover_enabled=”off” button_letter_spacing__hover_enabled=”off” button_one_letter_spacing__hover_enabled=”off” button_two_letter_spacing__hover_enabled=”off” button_bg_color__hover_enabled=”off” button_one_bg_color__hover_enabled=”off” button_two_bg_color__hover_enabled=”off”][/et_pb_button][/et_pb_column][/et_pb_row][/et_pb_section]

Is Your Smartphone the Spy In Your Pocket?

[et_pb_section fb_built=”1″ _builder_version=”3.0.47″ custom_padding=”36px|0px|29px|0px|false|false”][et_pb_row _builder_version=”3.0.48″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.0.47″ parallax=”off” parallax_method=”on”][et_pb_image force_fullwidth=”on” _builder_version=”3.19.11″ src=”https://totalitysolutions.org/wp-content/uploads/2019/02/gilles-lambert-8649-unsplash.jpg” admin_label=”Image”][/et_pb_image][et_pb_text _builder_version=”3.19.11″ text_font=”||||||||” text_font_size=”18px”]

We’ve all had it happen to us, even if we didn’t take much notice.

You’re venting to a friend about your least favorite coworker- could he just FOR ONCE not heat his leftover fish in the breakroom microwave?- and within 30 minutes an ad pops up in your Facebook feed that has an eerie connection to your recent conversation.

An odor-eliminator. Or a microwave sale. Or a blog dedicated to improving happiness and wellbeing in the workplace.

Maybe you just scroll past and think, “Huh, weird.”

But let’s stop for a second and really think about this.

All you did was carry on a normal conversation. Your iPhone was just sitting in your back pocket or purse. Yet somehow Facebook captured the key words of your conversation, converted them into data, and slapped highly customized marketing ads directly into your live feed.

It’s one thing to see Facebook ads for dog food after you order your Golden Retriever’s kibble on Amazon- we’re all pretty used to this convergence of internet usage habits and marketing- but it’s infinitely stranger to see it happen when the words are coming out of your mouth (and never typed into your phone!) during any normal part of your day.

So let’s break this down- are you just paranoid, or is your phone really listening to and using your every word?

What Do the Experts Say?

Cell phone manufacturers, of course, deny that your phone can listen to your conversations or speech without your consent.

Representatives including Marsha Blackburn and Robert Latta wrote to Apple’s CEO Tim Cook and Alphabet CEO Larry Page back in July 2018 to express their concerns that smartphones could “collect ‘non-triggered’ audio data from users’ conversations near a smartphone in order to hear a ‘trigger’ phrase, such as ‘Okay Google’ or ‘Hey Siri.’”

Apple responded with claims that iPhones never record audio while listening for commands. This may be true, but it doesn’t address the fact that third-party applications can still gain access and use ‘non-triggered’ data without your knowledge or consent. Apple can’t control exactly how apps like Facebook utilize data, and they can’t ban every app that quietly breaks the rules.

The Wall Street Journal agrees. It reported, “Facebook is now so good at watching what we do online- and even offline, wandering around the physical world- it doesn’t need to hear us. [Yet they do.] Advertising is an important staple of the free internet, but the companies buying and selling ads are turning into stalkers. We need to understand what they’re doing, and what we can- or can’t- do to limit them.”

Creepy Examples

Still not convinced that your cellphone is tuned to your every word? Consider this.

I had a conversation at the beginning of December with my husband. The daycare provider for our daughter had to relocate suddenly and unexpectedly, leaving us with two full-time jobs and zero childcare. Not the best situation.

We went back and forth trying to discuss our options, but couldn’t agree on a solution. So I sunk into the couch, frustrated and upset, and opened Facebook to mindlessly scroll through my live feed.

Can you guess the very first ad that popped up as I scrolled?

What do you know, a potential solution to the exact problem my husband and I had just been discussing verbally.

That’s far from the only proof that my iPhone- and yours, too!- is listening to conversations and sending keyword data to create targeted marketing.

I had an argument with my son just this morning because he wouldn’t get out of bed to walk the dog. I spewed out a parental lecture about the responsibilities of walking the dog and staying consistent to his schedule, then stomped out to walk the darn dog myself. When I headed back inside and glanced at Facebook, take a wild guess at the advertisement I saw after a few scrolls.

 

 

 

 

 

 

No, this is definitely NOT our collective imagination at work. Our cell phones are listening to us, and short of putting your phone in a glass of water and walking far, far into the middle of the forest to have a conversation, this is our new 21st-century reality.

Short of deleting your Facebook app and disconnecting from your smartphone, your best protections include strict privacy settings, precautions, and self-education.

[/et_pb_text][et_pb_button button_url=”https://totalitysolutions.org/services/cctv/verkada-security-cameras/webinars/” button_text=”Free Webinar: Intro to Cloud Security” button_alignment=”center” _builder_version=”3.19.11″ custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#6eba01″ button_border_color=”#6eba01″ button_text_color_hover=”#6eba01″ button_text_size__hover_enabled=”off” button_one_text_size__hover_enabled=”off” button_two_text_size__hover_enabled=”off” button_text_color__hover_enabled=”on” button_text_color__hover=”#6eba01″ button_one_text_color__hover_enabled=”off” button_two_text_color__hover_enabled=”off” button_border_width__hover_enabled=”off” button_one_border_width__hover_enabled=”off” button_two_border_width__hover_enabled=”off” button_border_color__hover_enabled=”off” button_one_border_color__hover_enabled=”off” button_two_border_color__hover_enabled=”off” button_border_radius__hover_enabled=”off” button_one_border_radius__hover_enabled=”off” button_two_border_radius__hover_enabled=”off” button_letter_spacing__hover_enabled=”off” button_one_letter_spacing__hover_enabled=”off” button_two_letter_spacing__hover_enabled=”off” button_bg_color__hover_enabled=”off” button_one_bg_color__hover_enabled=”off” button_two_bg_color__hover_enabled=”off”][/et_pb_button][/et_pb_column][/et_pb_row][/et_pb_section]

Is Your NVR a Liability Instead of An Asset?

[et_pb_section fb_built=”1″ _builder_version=”3.0.47″ custom_padding=”36px|0px|29px|0px|false|false”][et_pb_row _builder_version=”3.0.48″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.0.47″ parallax=”off” parallax_method=”on”][et_pb_text _builder_version=”3.1.1″]

For years, advanced video security systems have relied on something called a network video recorder (NVR) to capture video footage. If your organization’s existing security system uses an NVR, you’re probably familiar with it as the central hub that connects dozens of cameras.

 

In fact, it’s possible that you’ve never second-guessed the safety of the NVR running your security system. Most industry leaders consider NVRs reliable and secure, but this reputation is largely unearned.

 

Is your organization’s NRV actually a liability instead of an asset?

 

NVRs and their cousins, digital video recorders (DVRs) become the victims of hackers and attackers far more than you might realize. As a result, they fail to provide even a fraction of the level of protection that most IT professionals expect (and need!).

 

The Origins of the “Secure NVR” Myth

When they are used as actual, air-gapped devices, NVRs are indeed incredibly secure. This makes sense- any device that is cut off from a wider network will automatically be inaccessible to the exploits of eager hackers.

 

However, very few modern companies utilize NVRs in that super secure air-gapped manner. Instead, today’s companies need remote access to their footage as they monitor shoppers, archive incidents, and perform loss prevention. Even more importantly, companies need to access their footage from off-site locations.

 

This requires the NVR to be connected into a network, which immediately creates vulnerabilities and makes the system infinitely more accessible to hackers.

 

NVR Attacks Are All Too Common

This isn’t just a theory. It has translated into clear security breach examples over the years.

 

A hacking initiative titled Peekaboo, for example, was recently created to give cyber criminals access to control the management system of any NUUO brand NVRMini2. According to security research firm Tenable, hackers could access “the credentials for all connected video surveillance cameras. Using root access on the NVRMini2 device, cyber criminals could disconnect the live feeds and tamper with security footage.”

 

That is bad news, and it doesn’t stop at NVRs. Video cameras from many different manufacturers have proven so unreliable that the U.S Senate barred the federal government from using certain brands like Hikvision, Hytera Technologies, and Dahua on the grounds of “public safety…. and other national security purposes.”

 

It they aren’t good enough for the government, they shouldn’t be good enough for your organization, either.

 

A Secure Alternative: The Hybrid Cloud

NVRs and DVRs may be ubiquitous, but they’re certainly not the only option. Cloud-based alternatives are currently redefining how we use and interact with our security systems. In fact, these cloud-based systems have become so advanced that they now offer unprecedented benefits over traditional systems.

 

Want to Learn More About Hybrid Cloud Video Surveillance? Join Our Next Webinar!

 

A few different camera companies utilize the cloud, but nobody does it like Verkada. The Verkada company offers a cloud-based camera system with end-to-end encryption. Since cameras have outbound-only connections, they’re significantly more protected against unauthorized users accessing the network.

 

Cloud-based video also promotes easier firmware and security updates, offers high-level encryption, and encourages an overall culture of risk avoidance, so it’s proving to be an effective way to keep the cameras rolling and trust that your enterprise is as fortified as possible.

[/et_pb_text][et_pb_button button_url=”https://totalitysolutions.org/services/cctv/verkada-security-cameras/webinars/” button_text=”Free Webinar: Intro to Cloud Security” button_alignment=”center” _builder_version=”3.19.11″ custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#6eba01″ button_border_color=”#6eba01″ button_text_color_hover=”#6eba01″ button_text_size__hover_enabled=”off” button_one_text_size__hover_enabled=”off” button_two_text_size__hover_enabled=”off” button_text_color__hover_enabled=”on” button_text_color__hover=”#6eba01″ button_one_text_color__hover_enabled=”off” button_two_text_color__hover_enabled=”off” button_border_width__hover_enabled=”off” button_one_border_width__hover_enabled=”off” button_two_border_width__hover_enabled=”off” button_border_color__hover_enabled=”off” button_one_border_color__hover_enabled=”off” button_two_border_color__hover_enabled=”off” button_border_radius__hover_enabled=”off” button_one_border_radius__hover_enabled=”off” button_two_border_radius__hover_enabled=”off” button_letter_spacing__hover_enabled=”off” button_one_letter_spacing__hover_enabled=”off” button_two_letter_spacing__hover_enabled=”off” button_bg_color__hover_enabled=”off” button_one_bg_color__hover_enabled=”off” button_two_bg_color__hover_enabled=”off”][/et_pb_button][/et_pb_column][/et_pb_row][/et_pb_section]