Huawei, Hikvision, and the Surveillance State

Commentary

Powerful surveillance cameras are essential devices needed for projects like smart transportation and securities. China is the fastest growing country in the world for video surveillance, and 100% coverage of surveillance cameras is already available in the big cities.

An industry research firm IHS Markit showed that China has 176 million surveillance cameras in public and private sectors (including airports, train stations, and streets), while only about 50 million cameras are installed in the United States. It is estimated that the number of cameras installed in China will increase to 626 million in three years.

However, “the application of surveillance technology is one of the most disturbing aspects of the Chinese government’s repression of Uyghurs and Xinjiang,” says Ryan Barry of the World Uyghur Congress. U.S. Congress says the surveillance methods used include a dense network of security cameras and a system of data aggregation. Hundreds of thousands of mostly-Muslim Uyghurs and Kazakhs are believed to be held in secretive internment facilities, prompting worldwide condemnation, even though the Chinese regime claimed that this is for re-education.

Moreover, the major high-tech companies in China are undoubtedly involved in building the surveillance state. In May 2018, Huawei began work in Urumqi, Xinjiang to develop an “intelligent security industry” innovation lab, which is meant to be an intelligence data-gathering hub for managing the surveillance of the people on Xinjiang. And this was categorized as a project for its “smart cities.” And Huawei was not shy about their collaboration with the Chinese regime in their press release: “Together with the Public Security Bureau, Huawei will unlock a new era of smart policing and help build a safer, smarter society.”

China’s Hikvision produces more than one-fifth of the world’s surveillance cameras, and its market value has surpassed that of Sony. The rise of Hikvision is indeed related to the expanding monitoring needs of the Chinese regime. In 2011, Hikvision received a $1.2 billion Chongqing “Safe City” monitoring project to add 200,000 surveillance cameras in three years. The Chinese government has about 40% stake in Hikvision through state-owned enterprise Zhongdian Haikang Group, which was invested by China Electronics Technology Group (“China Electric”).

So, customers might feel that they are buying products from a private business—Hikvision, but it is actually buying from the Chinese regime. This should raise serious security concerns. “The surveillance technologies being developed and deployed in Xinjiang today will soon be sold and promoted globally,” said William Nee of Amnesty International.

Some people might think that even though the Chinese regime uses those techniques for building a surveillance state, it is still okay to allow Chinese companies to supply equipment for smart city projects as long as they are not used to violate human rights. The real situation is not that simple.

It is a wrong assumption that there is nothing to worry about once the products were tested fine at the time of purchase when dealing with Chinese companies. Once the hardware is purchased from Chinese tech companies, there are many ways that it becomes a vulnerable target for Chinese hackers. For example, Bloomberg reported on malicious microchips embedded in Supermicro server motherboards, which were allegedly found in several U.S. companies’ products, including Amazon and Apple. However, both companies have denied the existence of the “spy chips” since the Bloomberg story was published.

Also, the Supermicro online portal that customers used to get critical software updates was breached by China-based hackers in 2015. Another vulnerability lies with some server network cards that came with outdated firmware, so buyers did not notice that the machines that were delivered to them contained a critical security vulnerability. Attackers could take advantage of a known firmware vulnerability in the same way they would use a more traditional software exploit. Once inside a target network, hackers could seek out servers with the dated code and easily infect them.

There are many Advanced Persistent Threats (APTs) in the field of cyber hackers. According to the Radiant Report, the APT1 is actually the Unit 61398 under China’s People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department. It targets a whole variety of sectors, including many fields related to daily life, such as information technology, public administration, energy, transportation, legal services media, advertising and entertainment, navigation, financial services, food, healthcare, education, etc. It was estimated that the APT1 has systematically stolen hundreds of terabytes of data from at least 141 organizations. Also, there are many other APTs from China that target many other countries or industries.

So, the question is: will the Chinese regime not be interested in the big data collected from smart cities in other countries if they have to put considerable efforts in massive persistent cyber attacks and espionage to steal information? If other countries use Chinese high-tech companies as suppliers, they are willingly handing over data to them. Will they refuse such an offer?

Dr. Xiaoxu Sean Lin is a former U.S. Army officer with expertise on infectious diseases, surveillance and global public health. He was the co-founder and former executive vice president of Sound of Hope Radio Network, and hosted talk shows on China’s current affairs on New Tang Dynasty TV. Currently, he is the founder and general manager of WQER-LP Radio Station. He is also a frequent news analyst and commentator for Sound of Hope Radio Network, with a focus on global public health, national security and foreign relations related to Asian affairs.

A previous version of this article misrepresented allegations about the microchips in Supermicro motherboards reported by Bloomberg. The Epoch Times regrets the error.

Views expressed in this article are the opinions of the author and do not necessarily reflect the views of The Epoch Times.