Download PDF version Contact company
Related Links

In August, a Distributed Denial of Service (DDoS) attack occurred due to a massive botnet created by malware named Mirai. This attack was caused by vulnerabilities in a large number of IoT devices, such as security cameras and DVRs using default credentials. Dahua’s products were initially named as the victims of the hacking and the source of these DDOS attacks in reports by research firm Level 3 Communications, the Wall Street Journal, and industry trade publications.

A subsequent report by cybersecurity research firm Flashpoint was issued on October 7, confirming that the Mirai DDoS attacks originated primarily from devices manufactured by another video surveillance vendor, and not Dahua. The Flashpoint report prompted a series of headlines that downgraded Dahua devices’ involvement in causing the attacks, by Forbes.com, Network Security News, and SecurityWeek.  

Acknowledging vulnerabilities

Here is a statement issued by Dahua: “We acknowledge the vulnerabilities that some of our pre-2015 cameras and DVRs have used default usernames and passwords. This may have caused exposure to risks when the devices are exposed to the Internet without firewall protection. Dahua has taken steps to resolve this vulnerability and offer solutions. Keeping our customers informed of any threats or potential risks is a priority."

To address any potential issues,
Dahua has firmware updates
available on the Dahua Wiki,
and a dedicated channel for
customers to ask questions
about cybersecurity 

To address any potential issues, Dahua has firmware updates available on the Dahua Wiki, and a dedicated channel for customers to ask questions about cybersecurity or report suspected vulnerabilities (cybersecurity@global.dahuatech.com).

Cybersecurity best practices

The company’s statement continues: “We continue to remind our customers that it is crucial to select strong passwords, keep firmware updated, and only forward ports their devices actually need. We strongly recommend that our customers and partners review our list of cybersecurity best practices on our website

Specific to this issue, Dahua is offering replacement discounts as a gesture of goodwill to customers who wish to replace pre-January 2015 models. End users can bring such products to an authorised Dahua dealer, where a technical evaluation will be performed to determine eligibility, according to the company.

Above all, securing our customers' assets and protecting their Dahua products is of the utmost importance to us,” the company states. “We continue our commitment to work with our customers and partners to make our products and solutions as secure as possible.”

Download PDF version Download PDF version

Related videos

Enhanced security with S617 video door station

Enhanced security with S617 video door station
DNAKE S-series video door phone

DNAKE S-series video door phone
Install in minutes, no tech required: DNAKE intercom kit IPK04 & IPK05

Install in minutes, no tech required: DNAKE intercom kit IPK04 & IPK05

In case you missed it

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Marin Hospital enhances security with eCLIQ access control
Marin Hospital enhances security with eCLIQ access control

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

Mitigating cybersecurity risks in industrial control systems with Honeywell
Mitigating cybersecurity risks in industrial control systems with Honeywell

Cybersecurity threats targeting organisations' industrial control systems (ICS) are not always direct. Instead, the most vulnerable entries to an ICS can start with external partne...

Featured white papers
Palm vein recognition

Palm vein recognition

Download
The key to unlocking K12 school safety grants

The key to unlocking K12 school safety grants

Download
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
Selecting the right network video recorder (NVR) for any vertical market

Selecting the right network video recorder (NVR) for any vertical market

Download
Physical access control

Physical access control

Download
Quick poll
What is the most significant challenge facing smart building security today?
More corporate news
Antaira Technologies partners with Simantec Automation, expanding industrial networking market in Brazil

Antaira Technologies partners with Simantec Automation, expanding industrial networking market in Brazil
BeyondTrust adds KeyData, Novacoast and Sila Solutions to its partner program

BeyondTrust adds KeyData, Novacoast and Sila Solutions to its partner program
Pulse Secure launches promotion to simplify moving up to secure access

Pulse Secure launches promotion to simplify moving up to secure access
Featured products
Hikvision Unveils WonderHub: Revolutionising Interactive Displays for Collaboration

Hikvision Unveils WonderHub: Revolutionising Interactive Displays for Collaboration
Verkada GC31 Cellular Gateway for Seamless Device Connectivity

Verkada GC31 Cellular Gateway for Seamless Device Connectivity
Hikvision AX Hybrid PRO Alarm System For SMB Industrial Facilities

Hikvision AX Hybrid PRO Alarm System For SMB Industrial Facilities