The stream from your CCTV camera may pose a risk to national security

0

The Federal Communications Commission recently unanimously passed a rule that could make it illegal to turn on 60% of CCTV cameras currently installed in the United States.

The rule could result in the ban on all future authorizations for the sale and use in the United States of any new product and potentially all previously authorized products manufactured by a growing number of Chinese companies.

Why? They have been designated as national security threats and placed on the so-called “covered list” (aka blacklist), which is published by the commission’s Office of Public Security and Homeland Security. This includes the world’s largest manufacturers of CCTV cameras.

These companies have been added to the blacklist for a variety of reasons, not least because they are suspected of installing “backdoors” on video chips that could allow them to “hack” the streams of millions of security cameras.

Read: Fix These Highly Exploited Vulnerabilities Now

This vote is in concert with the National Defense Authorization Act (NDAA), which is a body of federal law that receives unwavering bipartisan support due to its emphasis on national security and protecting the lives and livelihoods of the people. American. It is updated annually by Congress to address new threats and to present the annual budget of the US Department of Defense.

CCTV cameras became part of the NDAA with the John S. McCain National Defense Authorization Act for fiscal year 2019. Section 889, “Prohibition of Certain Telecommunications and CCTV Services or Equipment” , sets out rather broad implications.

(a) PROHIBITION OF USE OR PURCHASE

– (1) The head of an executive agency may not – (A) acquire or obtain or extend or renew a contract to acquire or obtain any equipment, system or service that uses telecommunications equipment or services covered in as a substantial or essential part of any system, or as a critical technology forming part of any system; or (B) enter into a contract (or extend or renew a contract) with an entity that uses any equipment, system or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as a critical technology as part of any system.

– (2) Nothing in paragraph (1) should be interpreted as – (A) prohibiting the head of an executive agency from contracting with an entity to provide a service that connects to the facilities of a third party, such as backhaul, roaming, or interconnection agreements; or (B) cover telecommunications equipment that cannot route or redirect user data traffic or allow visibility into user data or packets that such equipment transmits or otherwise manages.

Essentially, this means that federal agencies cannot purchase or use any equipment, system, or service that even uses components or technology that is part of a system from one of the blacklisted companies.

This also applies to any federally funded entity, such as schools or city buildings that has received a federal grant. The net widens further with the statement that they are prohibited from contracting with an entity, such as a business, that uses technology from a banned manufacturer.

The ban can apply to anyone coming not only from a major contractor and defense builder designing battleships, but also from all the companies, partners and suppliers they work with throughout the supply chain.

The full act can be read here.

Wide-ranging implications

While the NDAA does not specifically explain why manufacturers are blacklisted, it is clear from congressional testimony that they have reason to believe that the Chinese government could use technology produced by manufacturers for many nefarious purposes. , from cybersecurity espionage to intelligence gathering.

For example, if a video feed from a military installation was viewed by a foreign government, it would have access not only to the number and positions of troops, but also to specific amounts and types of weapons, food, and equipment. other supplies, which could be devastating. in a conflict.

Blackmail and the personal health and safety of individuals are also of concern. Imagine if a bad actor could use facial recognition on “hacked” video feeds from surveillance cameras all over town. They could easily follow a government official or business owner from place to place, whether they were in the office or enjoying their free time.

This would allow them to build models and collect data and images that could be used directly or taken out of context to blackmail or compromise the individual.

Individuals and organizations outside of the federal government that are not strictly subject to NDAA regulations are affected.

This threat is taken seriously by global companies with highly sophisticated security systems… right down to mom n ‘pop sandwich shops with a single surveillance camera pointed at their cash register and front door.

Business executives and even owners need to be assured that their conversations, strategies, plans, plans, processes, and intellectual property in the sight of surveillance cameras can be protected from the prying eyes of unauthorized persons and bad actors.

As such, they proactively seek out vendors who have secure and NDAA compliant cameras and CCTV systems. Several security camera vendors recognize this problem and do not honor warranties or trades on the millions of cameras made by banned companies that are currently installed across America.

While the law does not (yet) force businesses and consumers to replace their current surveillance equipment with NDAA-compliant cameras, they realize the threat is significant.

Concern among government officials is high enough that it may one day be illegal to power even a non-NDAA-compliant surveillance system on US soil.


Source link

Share.

Leave A Reply