The U.s. President has signed the 2019 NDAA into police, banning the use of Dahua and Hikvision (and their OEMs) for the United states government, for US government-funded contracts and possibly for ‘disquisitional infrastructure’ and ‘national security’ usage.
This completes the legal process that started in May with the U.s. House passing the bill with the ban and the August 1st Senate passing of the pecker.
Update August 2019: Rules released for the ban, including essential components such as Huawei Hisilicon chips.
Direct Bear on – Stop Purchasing and Removals
The ban technically starts one year subsequently signing into law, which will exist August xiii, 2019. Notwithstanding, since the ban includes both purchasing and using existing equipment, it effectively starts immediately since it would make little practical sense to buy equipment today to take to remove information technology in 12 months.
The removal of Dahua and Hikvision branded equipment will be relatively straightforward since US government agencies tin but read the label on the devices. However, OEMs, which are included under the ‘produced’ for ‘affiliates’ clause, will also have to be removed.
For help, see our Dahua OEM Directory and Hikvision OEM Directory.
Broader Indirect Bear on – Branding
Since the US government is finer blacklisting Dahua and Hikvsion products, this will have a astringent branding and consequentially purchasing impact. Many buyers will be concerned about:
- What security risks those products pose for them
- What issues might occur if they want to integrate with public / regime systems
- What hereafter legislation at the state or local level might ban usage of such systems
Indeed, one prominent Hikvision partner has acknowledged the touch on even before the pecker became police:
One of my top 10s said that one of his banking concern jobs said that they deceit do hikvision because they were put on a watch list. He is also concerned well-nigh a infirmary job he has coming.
The impact outside of the US could be significant besides since many countries and organizations volition meet this equally a negative signal about the security and trustworthiness of these products.
Background
The post-obit reports provide background well-nigh Hikvision and Dahua:
- Hikvision Chinese Regime Origin And Control
- Hikvision: Chinese Government “Exert Significant Influence Over Our Business”
- Hikvision Chairman Joins China National Regime (NPC)
- Hikvision Backstairs Exploit
- Dahua Ban Response: Not Chinese Government Owned
- Dahua Backdoor Uncovered
Update: Podcast Released
IPVM has released a podcast give-and-take on this. Download the 28 infinitesimal podcast here or listen to information technology embedded below:
Merely IPVM Subscribers may comment. Login or Join.
Note: I left out some screencaps / details of the police since we covered it 2 weeks ago here. However, for completeness, they are copied below:
The full text of the beak is here (note: information technology is 1,360 pages long with the relevant sections of folio 322 – 323).
Concur:
i
Disagree
Informative:
iii
Unhelpful
Funny
The ADI threescore% off “Banned by the Government” sale starts tomorrow.
Concur
Disagree
Informative:
2
Unhelpful
Funny:
52
Make video surveillance keen again…. okay it doesn’t have the same band, simply this is definitely helping the industry, especially the premium brands with high end products. This will really hit home when local integrators who have been fiercely loyal to Hik begin to switch.
Go your popcorn prepare.
Agree:
eleven
Disagree
Informative
Unhelpful
Funny:
ii
Although federally illegal, at least Hikua is nevertheless legal recreationally in every country. Cannabis, on the other hand, might very well go legal federally with some type of federal policy or regulation mandated. I know there is a ton of Hikua and their OEMs in that space.
What about government housing, etc? Hikua needs to practise major impairment control so concern doesnt spill into SLED.
Agree:
one
Disagree
Informative:
2
Unhelpful
Funny:
7
IPVM |
08/14/18 12:48am
From the FB give-and-take of this post:
Could it be that Nelly’s (Surplus) is going to win both means? 😉
In all seriousness, it is an interesting questioning of what becomes of the gear. We will bank check for any government recommendations.
Concord
Disagree
Informative
Unhelpful
Funny:
3
I was onsite with a client who has advised that local and state governments are likewise adopting the same position in several instances that if the Federal government deems information technology unsafe for their projects, it’southward not safe for theirs either and removing from futurity consideration and reviewing previous projects. I approximate the upside is that whatever removals may constitute new sales opportunities? Soon the message will be to commercial customers, “those products are illegal.” Everyone is scrambling!
Hold:
6
Disagree
Informative:
five
Unhelpful
Funny
One of the all-time bills in modern history. Equally security professionals we accept a duty to take our nation’s security serious. This is NOT just a ‘Cherry Scare’.
Agree:
19
Disagree:
1
Informative
Unhelpful
Funny:
ane
Some judge in New York volition sue to get them allowed just considering.
Agree:
v
Disagree
Informative
Unhelpful
Funny:
four
Does IPVM accept a list of manufacturers (or by detail) that meet made in america? and meet the government treaty guidelines for purchases?
Concord
Disagree
Informative:
1
Unhelpful
Funny
Does anyone have whatsoever thoughts/ideas on what volition happen to Dahua and Hikvision DIY OEM’south (LaView, Amcrest, Qsee, Nighttime Owl and competitors) mainly in the consumer space?
Will they continue to purchase from Dahua and Hik?
Will these businesses exist impacted from this police force?
Are they allowed to go on to purchase and import goods from these companies?
Agree
Disagree
Informative
Unhelpful
Funny
IPVM |
08/xiv/xviii 07:55pm
Update: IPVM has released a podcast discussion on this.Download the 28 minute podcast hereor listen to it embedded below:
Agree
Disagree
Informative:
3
Unhelpful
Funny
IPVM |
08/fifteen/eighteen 12:26am
First trade magazine with coverage, SSI, is out: U.S. Defense Pecker Signed Into Law Bans Dahua, Hikvision Products. Interesting quote from Lynn de Seve, a government contracting specialist:
State and local agencies usually go the mode of the Feds. Soon it becomes a tendency even with commercial customers.
[Update: SSI has removed this quote with no find to why it was removed.]
Agree:
3
Disagree
Informative:
2
Unhelpful
Funny
Here comes the price increases.
Agree:
2
Disagree
Informative
Unhelpful
Funny
IPVM could have been a piddling clearer in stating they forged the photograph from an original that related to a $1.5m taxation overhaul package and has absolutely nothing to do with the ban.
Putting “IPVM analogy” on the bottom right corner doesn’t cut it and just demonstrates how tacky and cheap IPVM has become. Tabloid really is the correct clarification of this blazon of “journalism”.
Agree:
1
Disagree:
xi
Informative
Unhelpful:
4
Funny:
two
Your response typifies the “anti-Hik” antechamber in personalising an individual assault – sanctioned past IPVM.
I’m not “anti-Hik”, per se, I but happen to believe their products are so severely flawed in terms of cyber security that they are not suitable for use in most commercial deployments. Further, I recollect that Hik has gone to not bad lengths to convince people, through blatantly deceptive and fraudulent presentations, that their products are not more or less secure than those of other companies. This is evidenced when I encounter claims similar your following statement:
More recently, Axis and genetic vulnerabilities are airbrushed to see them in some kind of positive light whereby anything at all by HIK/Dahua is trashed into anti-China rhetoric.
My stance is that you lack the ability to properly evaluate common vulnerabilities and their potential to exist exploited and impact a user or their network. My comments are non “personal”, just they are in response to your specific statements. If you want to phone call that some kind of “individual attack”, I judge you tin, but I would also say you have pretty thin skin.
Not anybody reading the commodity is from the IPVM community and will indeed believe what they have published in the context of the story.
I would say the boilerplate reasonable person reading this would accept seen enough Trump photoshops of him holding up altered signs and declarations to recognize the parody/satire element. If not, well, IPVM is catering to an audience that is overall informed and moderately skeptical, they can’t dumb and disclaimer every paradigm down to the lowest common denominator. If you read the text under the paradigm, I feel that yous get sufficient detail to evaluate the prototype properly. If you only “read” pictures, well, that is an entirely different issue.
The graphic existence misleading is indicative of Johns mission to exaggerate all things Hik
What is truly misleading most the image? Did Trump not in fact sign a bill that bans use of Hytera, Hikvision, and Dahua in government applications?
The facts are that exterior of the United states the NDAA is meaningless, lilliputian and entirely irrelevant.
Disagree. Outside of China (where Hik enjoys authorities preferences and similar bans severely limiting employ of strange surveillance products) Due north America is the largest market place in the security industry. Many manufacturers fund their overseas expansions off of their NA business. Banning Hik and Dahua in the US will make those companies weaker hither, and simultaneously strengthen others. That can easily have rolling global touch.
Simply jumping on Johns bandwagon to get “likes” and earn click dollars
I give two shits well-nigh who “likes” me, and y’all can upvote all my comments to infinity and it won’t alter my net worth by more than than a rounding error. My motivation is non at all related to either of those goals, I am simply trying to share insight and data.
What is harder to do is to enter into reasoned debate
Just so I can keep runway, are you the pot or the kettle in the above statement?
Only hey – if school yard insults is your matter – so so be it.
At least you are consistent, taking a throw-away image or a throw-away statement and somehow coming abroad with the understanding that is the whole story.
Agree:
3
Disagree:
1
Informative
Unhelpful
Funny
I was at an ADI expo yesterday and couldn’t assistance but eavesdrop a Hik employee on the phone (talking quite loud) to who I would assume was his boss, talking nigh, ‘losing orders for five military bases due to the ban’. Thought it was interesting. Their booth still had quite a bit of traffic, equally you might imagine. They had quite the setup.
Agree
Disagree
Informative:
iii
Unhelpful
Funny:
four
Merely read an entire article on the NDAA 2019. I find the following exert funny as Hik nor Dahua are mentioned.
Section 889 of the NDAA would also prohibit executive-branch agencies from procuring or contracting for certain covered telecommunications equipment or services from companies that are associated with or believed to be owned or controlled past the People’due south Commonwealth of People’s republic of china. This includes ZTE and Huawei, two companies whose activities in the The states accept been the subject of neat scrutiny in recent months. This prohibition would brainstorm for executive-branch agencies ane year later enactment of the NDAA and would extend to the beneficiaries of any grants, loans or subsidies from such agencies ii years after enactment. Nether this provision, the head of any federal agency may issue a onetime waiver for upwards to two years, while merely the director of national intelligence may result subsequent waivers. Notably, yet, the NDAA does non include a provision from the Senate version of the NDAA that would accept reimposed the penalties against ZTE that the Commerce Department controversially revoked earlier this year.
The post-obit link is the entire commodity https://www.lawfareblog.com/whats-new-ndaa
Concur
Disagree
Informative
Unhelpful
Funny
Would this affect Us government projects exterior of the U.s.a.?
ie, United states customs preclearance at airports in Canada?
Agree
Disagree
Informative
Unhelpful
Funny
Thank yous, Charles. Much appreciated!
This airport I mentioned to a higher place received 9M in federal grants. I have not heard anything about them using any federal coin for this project. I did reach out to the city to see if they accept annihilation in identify that would prohibit some of this banned equipment being placed on their leased holding.
Concur
Disagree
Informative:
1
Unhelpful
Funny
Source: https://ipvm.com/reports/ban-law