1 minute read
BETTER SAFE THAN SORRY
Steve Liddiard, CEO of Merit LILIN UK, has a warning when it comes to making product buying decisions.
Advertisement
In the last few years, one of the key concerns facing the security market is maintaining the security of the system itself. Installers can follow all of the best practice cyber security advice out there; use strong passwords, and lock down the local network - but what do you do if the product itself is designed with backdoors?
The security market has been dominated by the presence of low-cost Chinese brands since the early 2010s, but in the last five years, some of these manufacturers have been riddled with scandals that have brought about questions on security. Leading Chinese brands are often partially owned by the Chinese government, which seemed benign until the introduction of the PRC’s National Intelligence Law (2017), of which Article 7 mandates that all PRC firms
‘shall support, assist and co-operate with national intelligence efforts’.
I’m sure we can all remember the ‘Hik Hack’ interactive map published by the independent camera authority IPVM in 2017, in which they highlighted hacked cameras that had been exploited by a ‘backdoor’ in the firmware that made it possible to gain full admin access to both cameras and NVRs. Following this, the Wall Street Journal launched an investigation into insecure cameras at US army bases, ultimately culminating in the passing of the NDAA (National Defense Authorisation Act) which includes a specific amendment against PRC equipment. The impact of these legislative acts is not limited to the US, as countries across the world have echoed the new requirement for goods to be NDAA compliant - with many of these requests coming from end users, influenced by the global discourse around personal data, cyber security, and the ongoing allegations of PRC human rights issues.
The suitability of these manufacturers came under further scrutiny as it was alleged that some Chinese companies are involved with the Chinese government’s accusations of persecution against the minority Uyghur population. The allegations are not limited to passively supplying technology - though they have marketed solutions with ‘Uyghur/Ethnicity Analytics’ - they are also contracted to ‘design, implement and operate’ internment camps in the Xinjiang region, with some projects having an ‘end date’ as far as 2040.
WE ARE THE GLOBAL MEMBERSHIP ASSOCIATION THAT SERVES THE HOME TECHNOLOGY INDUSTRY
Advocacy
We position the smart home industry as essential to homeowners, allied trades, and governments.
