A digital forensics expert with significant experience of working with law enforcement and government agencies has suggested that UK consumer reliance on Chinese-made internet devices, such as video doorbells, are creating ‘back doors’ into the country’s national security.
Richard Hale, Senior Lecturer and Course Director of Digital Forensics at Birmingham City University, spoke after the new Head of MI6 Richard Moore warned of China’s “debt traps and data traps” in Moore’s first live broadcast interview last week.
“China is absolutely a country of concern when it comes to hacking, data harvesting and the use of their technology in our personal and professional infrastructures here in the UK.
“Internet of Things (IoT) devices – eg hardware which uses Wi-Fi to communicate - bought by many of us are often produced in China with corresponding data centres also residing there. One example might be how many video doorbells now exist in the UK, how many are produced by Chinese companies, and therefore how many video transmissions and recordings are routed through Chinese servers.
“We assume that these video feeds, which link to remote servers and app or web portals, are fully encrypted and that no one can view or download the feed. However, any third party such as the manufacturer, could theoretically access the video, and the audio functions including listening to conversations of people close by.
Could external parties have eyes in hundreds or thousands of locations without having to tap into professional CCTV run by local authorities? Or alternatively, could a third party also disable feeds giving a no video surveillance’ corridor?
“We’ve already seen UK law enforcement using video doorbells and other private CCTV to aid in investigations. Flipping that process to suit more nefarious ambitions could open the country up very easily.
“Good practice when purchasing any of these devices starts with the brand. Do your research, look for confirmation of a privacy policy.
“Is your data encrypted, who has access to it, and is 2FA (two-factor authentication) on offer? Consumers must practice good password hygiene and when camera apps ask for location information, it is sensible to deny the request.”
