EXCLUSIVE: Bugger The Risk, Officeworks Now Selling Banned Companies Security Cameras
Their cameras are banned in multiple Countries including Australia and and they have been clearly identified as “high risk”, but that has not stopped Officeworks getting into bed with Chinese security camera brand Hikvision, and their consumer brand EZVIZ.
Recently the Wesfarmers owned retailer started selling 13 variations of security camera manufactured and supplied by Hikvision who use the brand name EZVIZ for their consumer range of cameras after ignoring the findings of a leading security Company who has invested the risks associated with the cameras now being ranged at the big retailer.
When ChannelNews initially revealed that Officeworks was getting into bed with the Chinese Company whose security cameras have been stripped from both State and Federal Government Offices in Australia because they are seen as “high risk” the big retailer refused to comment with their PR advisors questioning where the information had come from.
Officeworks is owned by Wesfarmers who earlier this year were exposed by Choice using Chinese security cameras and facial recognition software to spy on the shopping habits of their customers at their Kmart and Bunnings stores.
In their latest ranging EZVIZ cameras spanning outdoor and indoor models, have been pushed to the forefront at the expense of brands such as the Australian owned Swann Communications.
Officeworks is also pushing another Chinese brand TP Link.
Hikvision and their cameras are already on several banned lists and EZIVIZ cameras have also been banned in US and someEuropean retail stores.
Prior to Officeworks choosing to range the EZVIZ cameras security research Bitdefender identified multiple vulnerabilities in EZVIZ smart home cameras used in Australia and New Zealand, which could potentially allow attackers to execute malicious actions like controlling cameras, downloading images, and accessing people’s video feeds.
It appears that Officeworks who brags about “protecting” their customers took no notice of the findings claims a Company executive.
Bitdefender IoT security director Dan Berte flagged the open connectivity of the devices, which can be accessed from anywhere the user has an internet connection, with user-device communication relayed via cloud servers.
Multiple vulnerabilities in several lines of EZVIZ cameras now being ranged by Officeworks have been identified.
Bitdefender has estimated about 10 million devices are impacted based on known Android/iOS installs.
Bitdefender researchers have also discovered vulnerabilities in the EZVIZ cameras that could allow an attacker to remotely control the camera, download images, decrypt them and bypass authentication to execute code remotely when daisy chained.
Several Governments claim that hackers could potentially view a Hikvision manufactured camera’s feed from anywhere.
These chipsets have caused cybersecurity issues in the past and pose the risk of being backdoor accessible, which makes them a prime target for hackers.
Australia’s Defence Department removed all Chinese manufactured surveillance cameras after an audit detailed the number of Hikvision and Dahua devices installed in various government facilities.
In an impromptu interview on Friday, deputy prime minister and minister of Defence Richard Marles revealed that all the relevant Chinese-manufactured Defence department cameras had been removed.
“We’ve done a database search of all those cameras. I’ve actually asked, in addition to that, for the Department to engage in a further audit, just to make sure we’ve not missed any. And if there are any, they will be removed,” said Marles.
Officeworks management are refusing to comment.