Hikvision is a Chinese surveillance camera and video analytics vendor founded in 2001, headquartered in Hangzhou, and majority-owned by the Chinese state through China Electronics Technology Group. The company is the world’s largest manufacturer of video surveillance equipment, with cameras deployed in more than 150 countries. Hikvision is subject to US export controls, having been added to the Department of Commerce Entity List in October 2019 and to the FCC’s Covered List in 2022, restricting its products from US federal infrastructure and grant-funded deployments.
What it means in practice
Hikvision’s product range covers IP cameras, network video recorders, video analytics platforms, and access control systems. The video analytics layer includes face recognition, behaviour analysis, vehicle classification, and crowd density estimation. The company’s deployments in Xinjiang, including in re-education camp infrastructure, were a central reason for the 2019 Entity List addition. Public reporting by IPVM and others has documented Hikvision’s role in surveillance infrastructure that directly supports the Chinese government’s policies in the region.
Specific things to know
Hikvision’s commercial market remains substantial despite US restrictions. The European market remains open in most countries, with continued sales to commercial, municipal, and some governmental customers. The UK government issued guidance in 2022 against Hikvision deployment on sensitive sites. Australia and France have implemented similar restrictions for government use. The technical capability of the cameras is well-documented in IPVM testing and is broadly competitive with non-restricted vendors at the consumer and small-business price points.
Change today
For households and small businesses considering surveillance camera installation, the operational answer is to distinguish between geopolitical concerns and technical security concerns. Hikvision cameras have well-documented historical vulnerabilities, including the 2017 backdoor controversy, and remain a known target for IoT botnet operators. Patch them aggressively, segment them on a separate VLAN with no internet access, and consider non-Chinese alternatives for any deployment where firmware-level supply chain risk is a relevant concern.
Related articles
See our coverage of the Xinjiang surveillance infrastructure documentation, the US Entity List actions against Chinese surveillance vendors, and the operational threat model for IoT camera deployments.