The first to open his eyes to what was going on was an official at Adr Tel, the company that manages the IT system at Rome’s Fiumicino airport. It was April 1, 2015, and the man fired off an alert communicating a cyberattack in progress. “There is an urgent problem with Hikvision cameras,” he wrote, noting that all of a sudden the 140 cameras installed in a transit area of the airport, Chinese-made, seemed to have gone haywire and, without stopping, were trying to connect to an unknown external IP. This is the umpteenth case, revealed in recent days by the program ‘Report’ on channel three of RAI (the Italian public broadcaster), which has called into question the use of surveillance devices developed by Beijing.
Italy began using video surveillance technologies from China on a massive scale in the last decade. Devices of this provenance were installed in dozens of public administration offices where potentially sensitive information is shared, but also in churches, clinics, hospitals, museums, ministries, police stations and even, since 2018, about 1,000 video cameras were placed in the interrogation rooms of 134 Italian prosecutors’ offices, as revealed by Wired magazine earlier this year.
Apparently, the potential risk was not easy to detect. Logically, the state signed contracts with local companies, which installed the Chinese devices. In many cases, these were cameras from the company Hikvision, one of the largest Chinese multinationals in the sector, based in Hangzhou, creator of facial recognition technologies and, since 2019, included in the US Department of Commerce’s ‘blacklist’ for alleged human rights violations. In another case, Zhejiang Dahua Technology itself, another Chinese company harassed by Washington, reported in September 2020 – when Giuseppe Conte, the former Italian prime minister, was governing – the installation of 19 thermal scanners with cameras in Palazzo Chigi, the seat of the Italian government.
Even so, the controversy was slow to erupt. It came after researchers discovered a serious security flaw in Hikvision cameras worldwide in September this year. Since then, the controversy has grown, fueled even by complaints from politicians in the government. The latest were Enrico Borghi and Filippo Sensi, deputies of the Democratic Party (PD), who asked the current government of Mario Draghi to investigate the matter, through a parliamentary question submitted on December 22.
“The Hangzhou Hikvision Digital Technology Co is majority owned by the Chinese government (…) and in Italy it operates successfully, through a branch, participating in very many tender procedures of the Public Administration,” the two parliamentarians began by saying. This company “would rely on cloud service systems, a circumstance that, in the absence of adequate cybersecurity measures, would expose the data to the risk of remote acquisition and analysis, favoring their reprocessing and communication, also in real time”, they continued. The government is therefore asked to assess whether this “is compatible with the necessary national security standards,” they concluded, noting that Hikvision is also under scrutiny by the European Parliament.
The complaints by Borghi – who is also a member of the Italian Parliament’s intelligence committee – and Sensi do not come, moreover, at just any time. Starting in January, Italy will launch its new Italian Cybersecurity Agency, whose task will be precisely to prevent risks in this sector.