Local governments in South Korea are no longer allowed to use CCTV cameras that have not gone through security verification by an official testing institute. Security standards for video recording devices in the public sector were no more than recommendations, until the intelligence agency raised the bar recently.
According to multiple local news outlets, the National Intelligence Service of South Korea sent out security instructions to public institutions and local governments on March 20, noting that security policies regarding CCTVs have changed from recommendations to obligations. Bound to this decision, local governments started removing unsecure CCTVs, particularly the ones that were not confirmed through security verification.
Yeoju-si, a city where 112,000 citizens live, is one of the local governments that launched security inspections of CCTVs following the national security watchdog’s decision. The city spokesperson said to a local media outlet on Tuesday that they will remove vulnerable CCTVs via security inspection and install only secure cameras which have been confirmed by official security testing.
The official testing of CCTV security is conducted by the Telecommunications Technology Association (TTA). Even though the spy agency had recommended that public organizations use CCTVs with the TTA’s security certifications, it was not adequately observed due to the heavy burden of getting devices tested, especially considering the time it takes. Complaints about the long wait times have already piled up at the TTA, with some vendors having to wait for up to six months only to get their devices tested, according to another local media outlet.
Despite of the disgruntlement from vendors regarding security testing, the public awareness of CCTV security has been elevated after dozens of sensitive videos were leaked from a plastic surgeon’s office. On March 7, the Seoul Metropolitan Police visited one hospital located in Gangnam to investigate a security incident that laid bare private scenes of medical examinations for plastic surgery procedures. The camera footage, which was recorded from February 24 to February 28, was exposed online and circulated through obscene websites based in China. According to a police briefing on Monday, the breach appeared to have taken place by hacking, meaning that an actor with malicious intent deliberately infiltrated the hospital’s internal network.
In the meantime, the issue has inevitably brought up controversies regarding Chinese-made CCTV security once again. The exposed video footage from the plastic surgeon’s office was recorded through IP cameras made by China’s Hikvision, the largest manufacturer of CCTV cameras in the world.
Last month, Australia announced that they would remove Chinese-made video equipment installed across the government’s estates, prioritizing national security. The United Kingdom in November of last year publicly stated that they fortified security restrictions on surveillance systems by banning Chinese cameras in the public sector. The United States has been preventing its federal agencies from using video equipment made by Chinese firms since 2018, referring to national security threats.
