Editor’s note: Dahua Technology has expressed concern about a recent article summarizing a Wall Street Journal piece about a DDoS attack. Dahua responds here.
We would like to address some inaccuracies in the Wall Street Journal article that were subsequently published in your coverage, and we appreciate the opportunity to address them.
To clarify, Dahua Technology has maintained a B2B business model and sells its products through the channel. Currently in the North America market, we don’t sell our products “directly to consumers and businesses through [our] website or retailers like Amazon.”
Amazon is not an approved Dahua distributor and we proactively conduct research to identify and take action against the unauthorized sale of our products. A list of authorized distributors is available here.
Also, the Wall Street Journal omitted facts from the Level 3 report, in particular, the passage that states, “Of the bots we’ve observed participating in attacks, peaking at more than 1 million devices, a large percentage are located in Taiwan, Brazil and Colombia.”
Dahua’s Cybersecurity Committee is dedicated to researching, testing and verifying vulnerabilities, as well as working very closely with third parties who conduct regular testing on Dahua products. To the best of our knowledge, the DDoS [distributed denial-of-service] threats have not affected any Dahua-branded devices deployed or sold in North America.
The committee has also determined the devices that became part of the DDoS attack had one or more of these characteristics:
- The devices were using firmware dating prior to January 2015.
- The devices were using the default user name and password.
- The devices were exposed to the internet without the protection of an effective network firewall.
Education and communication are very important to us, and keeping our customers informed of any risks or potential risks is a priority. We are reiterating to our customers that it is crucial to select strong passwords, keep firmware updated, and only forward ports their devices actually need.
We strongly recommend that our customers and partners review our list of cybersecurity best practices on our website, which can be viewed here.
As always, we have firmware updates available on the Dahua Wiki, and a dedicated channel for customers to ask questions about cybersecurity or report suspected vulnerabilities (firstname.lastname@example.org).
Specific to this issue, we are offering replacement discounts as a gesture of goodwill to customers who wish to replace pre-January 2015 models. Dealers can bring such products to an authorized Dahua dealer, where a technical evaluation will be performed to determine eligibility.
Above all, securing our customers’ assets and protecting their Dahua products is of the utmost importance to us. We continue our commitment to work with our customers and partners to make our products and solutions as secure as possible.