An ominous bulletin issued by Homeland Security has raised concerns about a potential surveillance threat posed by cyber actors exploiting internet-connected cameras within critical U.S. infrastructure. The bulletin warns that a cyber actor could infiltrate IT networks through these cameras and then move on to compromise other devices, leading to the extraction of sensitive process data that could be used for malicious purposes such as attack planning or disrupting business operations. The bulletin further highlights the risk of cyber actors manipulating cameras on safety systems to suppress alarms, trigger false alarms, or disable fail-safe mechanisms.
Of particular concern is the practice of “white labeling,” where internet-connected cameras made in China are imported, packaged, and sold by other companies, thus evading U.S. regulators’ scrutiny. The bulletin reveals that China has managed to circumvent efforts to block the use of these cameras in the U.S. by employing white labeling tactics. To address this issue, the bulletin calls for broader dissemination of tools that can identify Chinese-made cameras, especially those that are white-labeled. Such measures are seen as crucial in enforcing the 2022 Federal Communication Commission (FCC) ban on the import of these cameras and in mitigating the threat posed by Chinese cyber actors leveraging these devices for nefarious purposes.
The bulletin discloses that as of early 2024, an estimated 12,000 Chinese-made internet-connected cameras were in operation across numerous critical infrastructure entities in the U.S. Despite the FCC ban, the number of cameras within U.S. networks is believed to have surged by up to 40% from 2023 to 2024, largely due to the prevalence of white labeling. State-sponsored Chinese cyber actors have reportedly been actively targeting vulnerabilities in Chinese-made cameras since at least 2020, underscoring the persistent threat posed by these devices.
In a recent incident in March 2024, Chinese-made cameras at a U.S. oil and natural gas company were found to be communicating with servers based in China, including one potentially linked to a Chinese state-sponsored cyber actor, as revealed by the Office of the Director of National Intelligence’s Commercial Cyber Threat Intelligence Program. This alarming discovery underscores the urgent need to address the risks associated with Chinese technology infiltrating critical U.S. infrastructure.
The bulletin comes at a time of heightened national security concerns surrounding Chinese technologies such as TikTok and the more recently identified threat posed by DeepSeek. DeepSeek, a newly developed artificial intelligence tool, has been found to contain hidden code enabling the direct transfer of user data to the Chinese government, raising significant national security implications. Cybersecurity experts warn that DeepSeek’s potential connection to the Chinese government could create a serious vulnerability, exacerbating the risks posed by malicious actors.
The integrity of the nation’s communications networks is also under scrutiny in light of ongoing Chinese hacking and espionage campaigns. In a notable incident last year, Chinese hackers orchestrated a large-scale breach targeting American mobile phone users, compromising the data of potentially over a million
