WASHINGTON, D.C. — When President Trump ratified the National Defense Authorization Act (NDAA) last summer it included an amendment for fiscal 2019 that would mandate federal agencies do not purchase security cameras made in China.
The provision also gave U.S. federal agencies one year to remove Chinese-made cameras as part of the legislation’s intent to mitigate the threat of spying by China’s government. However, it is painfully obvious that complying with the surveillance technology prohibition can never be fully be achieved — not by the Aug. 13 deadline.
The NDAA amendment, first proposed by Rep. Vicky Hartzler (R-Mo.), singled out Dahua and Hikvision, among other telecommunications gear from Chinese firms. As Bloomberg reports, the global supply chain labyrinth and untold licensing agreements make it exceedingly difficult to know whether a security camera is actually made in China or contains components that would violate U.S. rules.
The Bloomberg article cites Forescout Technologies — a Washington-based firm hired by some federal agencies to determine what systems are running on their networks — which claims 1,700 Hikvision and Dahua cameras are still operating in locations where they’ve been banned.
Forescout Vice President of Government Affairs Katherine Gronberg tells Bloomberg the number is probably much higher since only a small percentage of government offices actually know what cameras have been deployed. The agencies that use software to track devices connected to their networks should be able to comply with the law and remove the cameras in time, she said.
“The real issue is for organizations that don’t have the tools in place to detect the banned devices,” Gronberg adds.
The Department of Homeland Security (DHS) made efforts several years ago to force all federal agencies to secure their networks by tracking every connected device, Bloomberg reports. Yet as of December only 35% of required agencies had fully complied with the mandate, according to a 2018 Government Accountability Office (GAO) report cited by Bloomberg.
Consequently, a large majority U.S. federal agencies have yet to determine how many or what types of cameras are connected to their networks. This has left them to painstakingly identify each device manually.
As security professionals are well aware, singling out cameras covered by the ban is made exponentially more laborious considering that Hikvision and Dahua are both OEM behemoths.
“There are all kinds of shadowy licensing agreements that prevent us from knowing the true scope of China’s foothold in this market,” Peter Kusnic, a technology writer at business research firm Freedonia Group, tells Bloomberg. “I’m not sure it will even be possible to ever fully identify all of these cameras, let alone remove them. The sheer number is insurmountable.”
The post Federal Agencies Scramble to Comply With Chinese Security Camera Ban appeared first on Security Sales & Integration.