CyberCX is calling for consumer protections on Chinese smart devices, following an investigation into a hacked doorbell in an Australian house, which allowed an attacker to monitor video feeds.
Leading cyber security firm CyberCX is calling for enhanced consumer protections on Chinese-made internet connected devices, following an investigation into a compromised doorbell in an Australian house, which allowed an attacker to monitor video feeds.
An investigation by CyberCX’s digital forensics and incident response team found a Chinese-made Dahua internet connected doorbell in an Australian home was compromised by an attacker.
The attacker was able to access surveillance feed of the family’s front door and driveway, able to connect to the household Wi-Fi, and locked the family out of the device.
The compromise was only found when a member of the family connected a work computer to their home Wi-Fi, triggering an alert with the employer’s cyber security systems.
The warning comes amid heightened scrutiny on the security of Chinese-made devices.
In the United States, authorities are contemplating a ban on the TP-Link Wi-Fi routers – the Chinese-made router which is suspected to be linked to several cyber attacks.
CyberCX chief strategy officer Alastair MacGibbon said Chinese internet connected devices were manufactured and sold at the lowest possible cost and with negligible security measures, leaving many wide open for exploitation by criminals.
“We are effectively sleepwalking into a world where demonstrably unsafe Chinese products are flooding the Australian market,” he said.
“Internet-connected devices are not secure when they come out of the box, and while these risks can apply to all connected devices in the home, they are particularly pronounced for Chinese-made tech chich requires a constant, ongoing connection to Chinese manufacturers to operate, leaving them at the whim of Chinese government security agency direction and surveillance.
“While these cheap, imported devices are attractive to cost-conscious consumers battling the rising costs of living, consumers need to understand they are effectively bringing foreign surveillance tools into their homes.”
The doorbell revelation comes after, in last 2024, federal parliament passed the Cyber Security Bill 2024.
The bill, which was described as “urgent” by both sides of politics in the leadup to its enactment, seeks to establish minimum cyber security standards for smart devices.
The legislation also introduced mandatory ransomware reporting for certain businesses to report ransom payments, and established a cyber security incident review board.
“While it’s encouraging to see that the government has introduced new security requirements for internet connected smart devices as part of last year’s cyber security reforms, it remains to be seen how these reforms will protect Australian households from the influx of cheap connected devices available on Chinese e-commerce platforms like Temu and Shein.”
