ReFirm is a leader, with nation state DNA, in identifying the risks within firmware in devices – this is a risk today within the enterprise and supply chain.
“Hikvision and Dahua have already come under scrutiny in the West, with some security vendors refusing to purchase their equipment. One company removed hundreds of Dahua cameras in 2017 after it found a secret back door in the devices, according to Maryland-based cybersecurity company ReFirm Labs. ReFirm also found that company information had been trafficked off-site via the cameras to an unknown Chinese IP address, according to Terry Dunlap, the firm’s co-founder.”
“Given that many other Dahua products contain this exact same backdoor, we strongly recommend against connecting any Dahua products to critical or sensitive networks,” ReFirm said in its report of the incident.