The U.S. Senate passed the Secure Equipment Act in a unanimous vote this week. The vote positions the FCC to ban approvals of devices with radio frequency, which present national security risks. The manufacturers include the same list referenced in the 2019 NDAA: Dahua, Hikvision, Huawei, ZTE Corporation, and Hytera Communications Corporation, along with their subsidiaries and affiliates. This impacts more than 100 million video surveillance devices in the U.S. ITech Digital wants you to know the risk and alternatives to protect your business.
What's the Problem?
What's the vulnerability? The products allow remote access to the entire network without any logging on to the camera itself. This means that the PRC or any black hat could access your network undetected through video surveillance. View the list of impacted products here. Moreover, Hikvision partners with many OEMs, which further extends the reach of this threat and its impact on others. Dakua vulnerability allows remote admin access while Hikvision provides root access.
State-Controlled Companies Deceive Partners
The PRC-created and controlled Hikvision, the second-largest video surveillance manufacturer globally, continues to discredit the ban to its partners. Not only did they make false promises about the bill's passage, but they also encouraged ongoing orders and reported that the ban wouldn't go retroactive. The FCC list of banned equipment released in March 2021 could be the point at which the measure is enforced. However, the FCC could go back to the 2019 NDAA, too. After all, the bill doesn't require retroactive revocation, but it allows for it.
NDAA Vs. FCC
The 2019 National Defense Authorization Act, Section 889 prohibited:
- Federal procurement of products included on the list (think Army bases, etc.)
- Federal agencies from doing business with those who use the products.
- Spending federal dollars on the products (think schools, etc.).
On the other hand, the FCC addresses products in general. In other words, the legislation passed by the Senate on October 28th and awaiting President Biden's signature positions the FCC to effectively ban authorizations for these products without differentiating between government and non-government use. Now, we're talking about warehouses, commercial buildings, retail stores, and even restaurants.
What To Do
Give serious consideration to swapping out any products from the manufacturers identified in the FCC ban. At ITech Digital, we don't use products associated with any manufacturer on the list. For that reason, Indiana businesses and those in all 50 U.S. states can be confident in the products and solutions we deploy and service. If you have any questions about these products or want to know what security solutions work best for your business, or give us a call at (866) 733-6673.