[ad_1]
He said this to the heads of the National Center for Cyber Security (NKSC) and the Ministry of National Defense on Wednesday in committee Following the findings of a study on security vulnerabilities in Chinese surveillance cameras Hikvision and Dahua.
“No one really knows: if the camera is off, is it really off, not filming right now, or can’t be turned on remotely? This undoubtedly raises concerns about security and other circumstances. I mean, Professionals should also advise on what to do to prevent such cases, if there are any, and the deficiencies cannot be eliminated, such cameras should not be used, at least in state institutions, such as the police, “emphasized D. Gaižauskas.
Arvydas Anušauskas, the representative of the opposition conservatives on the committee, stated that unsafe cameras are also installed at the NSGK premises.
“In this office, where we (NSGK – BNS) discuss, there is exactly the same camera that broadcasts our meetings to the public,” A. Anušauskas told journalists at Seimas on Wednesday.
AFP / Scanpix Photo / Hikvision CCTV
D.Gaižauskas says he does not have such data and urged his colleague to share the available information.
“If the committee is monitored by the same cameras, that is very bad, I will immediately offer to dismantle such cameras,” he said.
D.Gaižauskas stated that, following the recommendations of cyber security experts, the committee proposes to close the gaps as soon as possible, to provide security requirements for future acquisitions, as well as to prepare the necessary legal acts for the Government.
At that time, the NSGK Vice President, Conservative Laurynas Kasčiūnas, doubts whether the NKSC recommendations are not enough to change the cameras, just to take care of their safety, and proposes to create a “black” list of manufacturers to avoid similar situations in the future.
“It is not a very conscious decision, so I am sure to raise the question of whether we will voluntarily take the American path and say what a provider whitelist is, what a provider blacklist is.” States do that, why can’t we do it? L. Kasčiūnas discussed before the committee meeting.
Photo of Žygimantas Gedvila / 15min / Laurynas Kasčiūnas
D.Gaižauskas says that the initiative was not discussed in the committee.
“I don’t think I make black and white lists. Probably only Kasčiūnas had such an offer here,” D. Gaižauskas told reporters at Seimas.
He claims that the municipalities and some other institutions bought the cameras in strict compliance with the law. Then he wondered why the National Cyber Security Center (NCSC) had not warned about unsafe cameras before.
“The question arises where the institutions responsible for our computer security have been before.” To resolve these issues, a task force was formed that made the proposals through the cybersecurity center and suggested that all possible steps be taken. to eliminate these deficiencies with the participation of the specialists themselves, “he assured.
If the committee is monitored with the same cameras, it is very bad, I will immediately offer to dismantle such cameras, – said D. Gaižauskas.
According to him, there are also doubts about the deficiencies of other facilities, “especially related to China,” that manufacturers “have an obligation to report to or coordinate with the Chinese government.”
“We are concerned about that, so we avoid those Chinese products in one way or another,” said D. Gaižauskas.
Prime Minister Saulius Skvernelis says that national security compliance provisions for certain producers must be enshrined in law so that contracting authorities can adjust their public procurement accordingly.
“If there is a public procurement, it complies with the conditions established in the Public Procurement Law. If, according to the law, equipment of this or another nature cannot be obtained from one or the other party, if this represents a threat, it will obviously be It is necessary to adjust the law and the conditions of acquisition to the contracting powers, since all the equipment that will be provided is information, information technology, video surveillance, it must first comply with our national security criteria and must be harmonized with other laws under which either acquisition is made, “Skvernelis said at a press conference on Wednesday.
The NKSC, which evaluated video surveillance cameras from Chinese manufacturers Hikvision and Dahua, has identified more than 60 different security vulnerabilities, some of which, according to the NKSC, are high-threat and allow camera passwords to be intercepted. and remotely administered. Among other things, the camera software has been found to be updated on servers in Russia, which in turn sends confidential hardware information.
The NKSC provided guidance to authorities on how to ensure the safety of these already purchased cameras, as well as what requirements should apply to manufacturers in the future.
According to the NKSC, the cameras are used by 57 public sector institutions in Lithuania, 24 of which have direct Internet connections. These institutions include the departments of management, migration, the Lithuanian police, as well as the State Border Guard and Public Security Services, the state company Oro Navigacija, the Vilnius city municipality and others.
[ad_2]