Op-ed by Dr Ausma Bernot, Lecturer in Criminology at the School of Criminology and Criminal Justice at Griffith University.

[…]

Although security cameras make up only 5 percent of Enterprise Internet of Things (IoT) devices, they account for 33 percent of all security issues. Two Chinese suppliers – Hikvision and Dahua – dominate international markets

[…]

The geopolitical misalignment between China and European countries adds urgency to the need to address these national security risks. This is because large Chinese manufacturers are supported by the Chinese government, and emergent evidence shows that 80 percent of sanctions circumventions against Russia are facilitated by China, with 80 percent of dual-use goods routed through China.

These vulnerabilities are a concern for individuals, enterprises, and government entities alike. Evidence of illegal camera hacking that we have available indicates that individuals are often targeted for personal or for-profit streaming of camera footage. Moreover, when surveillance cameras are installed in critical locations, such as federal or state government buildings, the likelihood of that location becoming a surveillance target increases.

[…]

There are three types of risks associated with surveillance cameras: targeted surveillance of individuals, national security risks, and exploitation of network security vulnerabilities. Unwanted individual surveillance most often occurs in the form of covert or overt hacking of individual cameras. Hacked cameras have been used to record and sell child exploitation material, as well as video recordings from gynecologists’ offices and locker rooms. Individual users should connect cameras to their own private networks and monitor the number of connected devices.

[…]

Numerous cases of surveillance camera exploitation have made it clear that these risks are well-documented. A few particularly alarming incidents highlight how these devices can be weaponized for foreign interference and surveillance of vulnerable populations.

[…]

Although cameras are devices that were created to enhance environmental security, they have now introduced new security concerns due to their technical shortcomings and social applications. Establishing robust security standards is essential for IP cameras used in government buildings, business premises, and individual homes. Against this background, the EU’s Cyber Resilience Act that will place greater responsibility on manufacturers and distributors to produce and supply more secure devices, is a step in the right direction.