An earlier report by the Schemes – an investigative arm of the Radio Liberty Ukraine – showed that thousands of surveillance cameras using Russia’s software called TRASSIR transmitted imagery to servers in Moscow for years, even after the start of invasion in February 2022.
The data was used by Russian military and intelligence to finetune their attacks on Ukrainian targets, including civilian ones.
More to read:
China orders app publishers to share business details
A new Schemes investigation highlights the exposure of Ukrainian cities and infrastructure to Chinese surveillance cameras, which share data with their state-controlled manufacturers. In several cases, the authors discovered, they helped guide the accuracy and calibration of Russian artillery, suggesting that Russian intelligence had either hacked the technology or had received tips from the Chinese.
The Schemes found that the Ukrainian market for surveillance cameras is dominated by two companies – Hikvision and Dahua – whose products are popular thanks to relative affordability.
Despite being prohibited in the United States due to national security concerns, these products are not banned in Ukraine, where their manufacturers are even classified as "international war sponsors."
Hikvision, a Chinese technology giant, produces approximately 20% of all global video surveillance cameras, while Dahua accounts for 10% of the market share. Their widespread use globally, driven primarily by their relatively low cost, includes installations in China, Russia, the U.S., European Union countries, and Ukraine, where hundreds of thousands of these cameras are in operation.
Schemes asked technology experts to test the cameras and assess their reliability in terms of data protection. The experiment revealed the vulnerability of these cameras to external hacking attacks. It demonstrated that cameras connected to the Internet could transmit information to servers controlled by the Chinese manufacturer, raising concerns about official Beijing potentially having access to video streams from Ukrainian cities including front-line settlements, as well as strategic state-owned enterprises, private firms, and individual households.
It took an IT specialist from the Laboratory of Computer Forensics, an online security firm hired by the Schemes, 15 minutes to hack a 2019 Hikvision camera.
This raises questions about the possibility of transferring such information to Moscow or hacking by Russian special services.
The report says tens of thousands of Hikvision and Dahua cameras are still working in the E.U. and many use TRASSIR software, meaning that Beijing lied about the safety of its equipment and that Moscow can see live – and in great detail – what is happening right now in the countries supporting Ukraine.
NewsCafe is a small, independent outlet that cares about big issues. Our sources of income amount to ads and donations from readers. You can buy us a coffee via PayPal: office[at]rudeana.com.