Can China spy on my camera system? Here's how to prevent it!

4 min read
Kan China meekijken op mijn camerasysteem? Zo voorkom je dat!

More and more IP cameras are being used to secure homes, business premises, or perimeters. This raises the question: can cameras from foreign brands, for example, monitor the situation? And if so, what can you do to prevent this? In this article, we'll discuss how to secure your installation using VLAN, local storage, and the right brands, focusing on renowned brands like UniFi and Ajax Systems. We'll also explain why Chinese brands Hikvision and Dahua can be reliable, unlike ultra-cheap cameras often available at retailers like Action.

Why people are afraid of cameras watching

Many budget IP cameras are purely cloud-based: your app connects to an external server, often located abroad. This can create the following risks:

  • Images or metadata are stored or leaked via external servers.
  • The manufacturer has access or there is access from unknown external locations.
  • Default passwords or open services make it easily accessible to third parties.

The bottom line is that an online camera, without proper security, is a potential risk . This applies to all brands. But the differences lie in security, the ecosystem, and the update policies.

Don't choose ultra-cheap cameras — choose reputable brands

Why no junk cameras?

Budget cameras (e.g. from unknown OEMs) often have:
✘ No or rare firmware updates
✘ Poor encryption or unclear protocols
✘ Mandatory use of cloud servers, no local storage
✘ Unknown manufacturer, no transparency about security

Why brands like UniFi and Ajax Systems?

✔ UniFi (from Ubiquiti) provides a professional network and camera system with on-premises storage, self-management and a well-known ecosystem.
Ajax Systems develops and produces security systems (alarm systems and cameras) in Europe, with a focus on quality, safety, and user-friendliness.
✔ Both brands offer: firmware maintenance, clear documentation, local storage options and support of industry standards.

What about Hikvision and Dahua? Why are they reliable?

Some users think all Chinese brands are "suspicious." In the case of Hikvision, Uniview, and Dahua, that's too simplistic. Here are a few points:

  • Hikvision and Dahua are among the world's largest suppliers of professional security and camera systems for data centers, stadiums, airports, transportation, and large companies.
  • They have extensive certifications (e.g. ONVIF compatibility, ISO certifications, cybersecurity audits).
  • For professional installation, you can manage the firmware, use local storage, and exclude cloud connection if desired.
  • The price can vary: entry-level models are inexpensive, but the professional models are truly enterprise-class.

Summary: it is not so much about the country of origin, but about whether you set up the system properly , choose a brand that provides updates and you keep management in your own hands .

How do you prevent someone from looking over your shoulder? Practical steps

1. Local storage instead of cloud

  • Use an NVR or NAS on which the cameras store footage locally.
  • Avoid cameras that only function via cloud platforms.
  • Preferably set RTSP or ONVIF so that your own application processes the images.

2. Place cameras on their own network segment (VLAN)

  • Create a separate VLAN just for cameras/gaming device network.
  • Make sure cameras do not have access to the internet or other critical networks.
  • Example:
 VLAN 10 – Camera's – geen internet
 VLAN 20 – NVR – beperkt internet, alleen updates
 VLAN 100 – Gebruikers – toegang tot NVR via veilige verbinding

3. Placement of cameras

  • Don't designate private spaces like bedrooms or bathrooms; this raises privacy concerns.
  • Place cameras on the front door, driveway, garden, warehouse — places where security makes sense.
  • Make sure the campaign is visible (deterrent effect) but not vulnerable to sabotage.

4. Equipment security

  • Change default passwords immediately.
  • Disable UPnP.
  • No port forwarding of cameras unless via VPN.
  • Enable 2-factor authentication where possible.
  • Keep firmware up to date.

5. Firewall & network rules

  • Block outgoing traffic from cameras to the internet.
  • Only traffic allowed from cameras to NVR/NAS.
  • Monitoring for suspicious outgoing sessions.

Why the combination: UniFi/Ajax + Hikvision/Dahua + good network architecture works

When you choose a strong brand (such as UniFi or Ajax Systems) and implement it as described above—local storage, VLAN, and proper placement—you get the following:

  • Control : you manage the images yourself.
  • Safety : Well-known brands receive regular updates and have proven installations.
  • Flexibility : you can expand later (additional cameras, outdoor detection, integration).
  • Peace of mind : you know who has access and you prevent unknown parties from looking along.

Even if you use equipment from Hikvision or Dahua—as long as you buy the right models (professional line) and install them properly—it's not "harmful." It only becomes risky if you blindly install a cheap cloud camera without proper supervision.

Conclusion

Yes—in theory, someone could be watching your camera system. But with the right brands and network architecture, it's easily preventable.

✅ Choose brands like UniFi, Ajax Systems, Hikvision, or Dahua over no-name cloud cameras.
✅ Provide local storage and management.
✅ Place cameras carefully.
✅ Use a separate VLAN and restrict internet access.
✅ Secure the installation (password, updates, firewall rules).

Leave a comment

Please note, comments need to be approved before they are published.

In this article...

We're talking about the products below. There are many more ways to achieve the above, but these are our favorites.