Dahua Technology USA, a manufacturer of video surveillance solutions, announced a comprehensive set of cyber security initiatives that have been underway for most of 2017.
“We cannot stress the importance and need for industry professionals to employ cyber security best practices, especially with the previous vulnerability issues Dahua faced back in March,” said Janet Fenner, head of marketing for Dahua North America. “Dahua issued a firmware patch that fixed this specific problem in March 2017 and alerted customers to install new firmware patches. Cyber security is an on-going and increasingly concerning issue that requires a proactive approach. Our latest cyber security initiatives and best-practices recommendations demonstrate our ongoing attention to this issue.”
The vulnerability issue faced by Dahua and other leading surveillance manufacturers continues to persist as hackers deploy automated scripts to uncover old firmware that uses default passwords. Once the hacker’s locate this firmware they can easily access devices in the host’s network, such as dimming cameras’ brightness, which leads customers to believe that their cameras are not operating properly.
Moving forward Dahua will be implementing new cyber security initiatives incorporated into its products on a global basis.
The cyber security initiative from Dahua includes a wide range of activities designed to improve the security of video surveillance products themselves, as well as to improve the security of broader processes, including installation, deployment, and ongoing management. For example, one initiative focuses on authentication for administrative access. As a result, default accounts are no longer included in new devices, with changes implemented in the installation, admin access, and ongoing management processes. Other initiatives resulted in similar broad impacts, including better management of identities, session security, data security, and more.
For current and recent products, many benefits of these initiatives are available in the form of firmware and/or software updates, which will be distributed using software update processes to ensure the enhancements are implemented smoothly. The updated cyber security features were designed and validated in partnership with independent experts including DBAPP Security and Synopsys Technology to ensure the highest security and quality.