In late 2020 South Korea received 200 surveillance cameras from a Chinese manufacturer for installation on military bases. The Chinese manufacturer knew this and assured the South Koreans there would be no security risk. The South Koreans first tested some of the cameras while monitoring all the activities of the software that is installed in the cameras to provide additional features. It was noted that the cameras periodically sent information back to the manufacturer via the data link that connected cameras to human operator that monitored what the cameras were seeing. It’s common for consumer and commercial grade equipment to be equipped to automatically send performance information back to the manufacturer. This is a more efficient way to monitor large numbers of systems and detect possible problems before they become real problems for customers. The Chinese cameras had a “call home” capability that, on closer examination, enabled the manufacturer to obtain a lot more data on camera operation. This was deemed a potential security risk and installation of the cameras has been delayed until the Chinese manufacturer can either fix the problem or take the cameras back.
Scrutinizing Chinese made electronic systems has become standard for many nations that purchase these items for military or commercial use. In some cases that scrutiny has been applied to purely consumer items and that often reveals similar capabilities.