A radical but predictable decision
On June 27, 2025, Ottawa demanded that Chinese manufacturer Hikvision shut down its Canadian operations, citing a risk to national security. The government suspects the company of being used for interference or espionage by entities linked to the Chinese state (Reuters).
Although the announcement came after Justin Trudeau’s successor, Mark Carney, took office, the process had been underway since the winter of 2025 under the previous government.
Concerns known for years
Concerns about Hikvision did not begin in 2025. As early as 2022, Canada’s Communications Security Establishment (CSE) reported critical vulnerabilities in cameras manufactured by Ezviz, a subsidiary of Hikvision. These flaws exposed millions of devices to risks of intrusion, unauthorized access to video streams, and data theft (Solutions Numériques).
In December 2023, the Quebec government banned the purchase of Hikvision cameras for all ministries, public institutions, and state-owned companies. This measure was intended to prevent the risk of interference and protect critical infrastructure in the province (Journal de Montréal).
A giant rooted in our everyday environments
Hikvision is not an obscure player.
The company is one of the world’s largest manufacturers of surveillance cameras. Its products can be found in businesses, schools, private homes, and Quebec SMEs, often without users being fully aware of the product’s origin.
Its success is based on three factors: unbeatable prices, decent video quality, and easy installation. But this accessibility hides an invisible cost: data sovereignty.
A discreet but strategic local presence
In 2017, Hikvision announced the creation of an R&D center in Montreal (Direction Informatique). The goal: to bring its operations closer to the North American market while adapting its technologies to local needs.
This development highlights how foreign technologies, even controversial ones, can become firmly embedded in our ecosystems without raising immediate alarm.
SMEs and homes exposed without knowing it
Many Quebec SMEs still use Hikvision equipment today—often under other brand names such as Ezviz, LTS, or Trendnet. These cameras are sometimes purchased online or installed by subcontractors without clear mention of the original manufacturer.
The problem? Many of these devices:
- communicate with foreign servers by default;
- no longer receive security updates;
- retain the original passwords, which are easy to guess;
- are exposed to the Internet without adequate protection.
The situation is similar in the residential sector. Smart cameras connected to home Wi-Fi networks become gateways to the entire connected home system: router, TV, heat pump, etc.
Connected devices often left unattended by IT
It is important to remember that these cameras are often considered connected devices (IoT) rather than actual IT equipment. As a result, they frequently fall outside the scope of IT service management. They are rarely included in security policies, do not receive regular updates, and their network access remains largely uncontrolled.
This lack of support creates a critical blind spot in corporate and home cybersecurity.
A spy in your office or living room?
In 2023, a study by the firm Recorded Future identified several cases of Hikvision devices communicating with servers in China without the explicit consent of users. These connections sometimes include transfers of metadata or images that can be exploited remotely.
Imagine: a camera installed in an accounting office, capturing comings and goings, computer screens, conversations… All this sensitive information is potentially accessible to third parties.
Safer alternatives exist
Fortunately, there are more transparent solutions that comply with cybersecurity standards, developed in democratic jurisdictions. Above all, security requires better management of these systems, regardless of their origin:
- Segment networks (separate VLAN for cameras);
- Disable unencrypted remote access;
- Keep a clear inventory of devices;
- Set up alerts for unusual activity.
What companies can do right now
Here is an immediate action plan:
- Identify all installed cameras (brand, model, origin);
- Analyze their network configuration (local access, internet, open ports);
- Consult an IT specialist to assess the risk;
- Develop a purchasing policy based on security and compliance criteria.
A question of digital sovereignty
The Hikvision case reveals a broader issue: the growing dependence on foreign, sometimes hostile, technologies in critical functions such as physical security and surveillance.
This is not a question of isolationism, but of common sense. A supplier linked to an authoritarian state should not have control over the video feeds of a healthcare facility, school, or corporate headquarters.
Do you have questions about the security of your connected devices? The specialists at My Technician can help you assess the risks associated with your IT infrastructure and implement appropriate cybersecurity practices.
Make an appointment with our team today.
in your taskbar.