Dahua Addresses Recent Report Regarding Product Vulnerabilities

(Editor’s note: Dahua Technology has expressed concern to SSI about information it deemed inaccurate in a recent Wall Street Journal article that SSI summarized on its website. In the following company response, Dahua explains the discrepancies.)

We would like to address some inaccuracies that appeared in the article published on Sept. 30 by Security Sales & Integration titled “Hacked Security Cameras, DVRs Blamed for Massive Internet Attacks,” which summarized an article published the same day in the Wall Street Journal.

There are several inaccuracies in the Wall Street Journal article that were subsequently published in your coverage, and we appreciate the opportunity to address them.

To clarify, Dahua Technology has maintained a B2B business model and sells its products through the channel. Currently in the North America market, we don’t sell our products “directly to consumers and businesses through [our] website or retailers like Amazon.” Amazon is not an approved Dahua distributor and we proactively conduct research to identify and take action against the unauthorized sale of our products. A list of authorized distributors is available here.

Also, the Wall Street Journal omitted facts from the Level 3 report, in particular, the passage that states, “Of the bots we’ve observed participating in attacks, peaking at more than 1 million devices, a large percentage are located in Taiwan, Brazil and Colombia.”

Dahua’s Cybersecurity Committee is dedicated to researching, testing and verifying vulnerabilities, as well as working very closely with third parties who conduct regular testing on Dahua products. To the best of our knowledge, the DDoS [distributed denial-of-service attacks] threats have not affected any Dahua-branded devices deployed or sold in North America.

The committee has also determined the devices that became part of the DDoS attack had one or more of these characteristics:

• The devices were using firmware dating prior to January 2015.
• The devices were using the default user name and password.
• The devices were exposed to the internet without the protection of an effective network firewall.

Education and communication are very important to us, and keeping our customers informed of any risks or potential risks is a priority. We are reiterating to our customers that it is crucial to select strong passwords, keep firmware updated, and only forward ports their devices actually need. We strongly recommend that our customers and partners review our list of cybersecurity best practices on our website, which can be viewed here. 

As always, we have firmware updates available on the Dahua Wiki, and a dedicated channel for customers to ask questions about cybersecurity or report suspected vulnerabilities ([email protected]).

Specific to this issue, we are offering replacement discounts as a gesture of goodwill to customers who wish to replace pre-January 2015 models. Dealers can bring such products to an authorized Dahua dealer, where a technical evaluation will be performed to determine eligibility.

Above all, securing our customers’ assets and protecting their Dahua products is of the utmost importance to us. We continue our commitment to work with our customers and partners to make our products and solutions as secure as possible.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content

Acoustic Design Systems Promotes Amanda Crigar to Vice President

Active Shooter Situations in the Workplace: Surviving the First Five Minutes

Department of Homeland Security Awards Dedrone With SAFETY Act Designation Status

DoorBird High PoE Injector (A1093) Expands Network Connectivity