If your school, city building, library, county facility, or federally funded property still has Hikvision cameras mounted on the walls, you are running equipment the U.S. government has formally identified as a national security risk. The restrictions started in 2018 with the National Defense Authorization Act (NDAA Section 889), expanded through FCC "Covered List" rulings in 2022, and have continued to tighten through 2025 and 2026. For any building that touches federal dollars — and that includes almost every K-12 school, community college, municipal building, and public housing project in Minnesota — Hikvision is no longer a defensible choice.
This guide explains what the Hikvision ban actually covers, why the Chinese government backdoor concern is real (not marketing FUD), and what property owners, superintendents, city administrators, and facility directors should do about the Hikvision, Dahua, and rebadged OEM cameras still sitting on their networks.
What the Hikvision Ban Actually Says
Three overlapping federal actions govern Hikvision use in the United States:
- NDAA Section 889 (2018, effective August 2019/2020). Prohibits federal agencies — and any entity receiving federal grants or contracts — from procuring or using "covered telecommunications equipment," which explicitly names Hikvision, Dahua, Hytera, Huawei, and ZTE, along with any subsidiary, affiliate, or OEM-rebadged product.
- FCC Covered List (November 2022). The FCC revoked authorization for new Hikvision and Dahua equipment to be imported or marketed in the U.S. for public safety, government facilities, physical security surveillance of critical infrastructure, and national security uses.
- State and grant-program rules (2023–2026). Many state education agencies, Homeland Security grants (including school safety grants), USDA rural development funds, and public housing authorities now require Section 889 compliance certifications. Non-compliant equipment can disqualify a district or municipality from funding.
The practical result: any government-funded building — schools, courthouses, city halls, police and fire stations, public libraries, water treatment plants, transit hubs, public housing, and federally backed healthcare facilities — should treat Hikvision and Dahua cameras as equipment that must be removed and replaced, not simply left in place until failure.
The Chinese Government Backdoor Concern Is Not a Rumor
Hikvision (Hangzhou Hikvision Digital Technology) is 42% owned by the Chinese state through China Electronics Technology Group Corporation (CETC), a state-owned military contractor. Under China's 2017 National Intelligence Law (Articles 7 and 14), any Chinese company — and any Chinese citizen — is legally required to "support, assist, and cooperate with" state intelligence work when asked, and to keep that cooperation secret. There is no equivalent of a warrant, a court challenge, or a public disclosure requirement. This is the structural reason U.S. agencies treat Hikvision and Dahua differently from other foreign camera manufacturers.
On top of the legal exposure, Hikvision equipment has a long documented history of exploitable vulnerabilities:
- CVE-2017-7921 — an authentication bypass in dozens of Hikvision IP camera models that allowed full admin takeover with a crafted URL. Exploited in the wild for years.
- CVE-2021-36260 — an unauthenticated remote code execution flaw affecting over 80 Hikvision camera and NVR models. Rated CVSS 9.8 (critical). CISA added it to the Known Exploited Vulnerabilities catalog; it is still being scanned for and exploited today.
- Default and hard-coded credentials in older firmware, plus telemetry and firmware update traffic that phones home to servers in mainland China by default.
- Botnet recruitment. Hikvision and Dahua devices are among the most common camera brands recruited into the Mirai, Mozi, and Moobot botnets used to launch DDoS attacks and pivot into corporate networks.
Combine "legally compelled cooperation with a foreign intelligence service" with "internet-exposed devices sitting on the same network as your student information system, badge access, HVAC controls, and business office" and the risk profile becomes very clear: every Hikvision camera on your network is a potential entry point that you cannot fully audit, cannot fully patch, and cannot legally trust.
Why Schools and Government Buildings Are the Highest-Risk Environments
Hikvision was, for years, the cheapest name-brand camera on the market — which is exactly why so many school districts, city IT departments, and small municipalities standardized on it between roughly 2012 and 2020. Today those same buildings house the exact data and access that adversaries want:
- Student information systems, IEPs, health records, and family contact data
- Federal E-Rate, Title I, and school safety grant reporting infrastructure
- Municipal water, wastewater, and traffic control networks
- Voter registration systems and county election infrastructure
- Badge access, door schedules, and lockdown systems used during active-threat events
- Public safety radio, dispatch, and video evidence chain-of-custody
A Hikvision camera in the parking lot of a K-12 school, sitting on the same flat VLAN as the district office, is not a hypothetical risk. It is the exact configuration that federal cyber advisories have flagged repeatedly since 2019.
How to Tell If You Have Hikvision (or a Rebadge) On Your Network
Many buildings have Hikvision and don't know it, because Hikvision manufactures OEM cameras sold under other names. Common rebrands and affiliates that fall under the same NDAA restrictions include:
- LTS (LT Security)
- Interlogix TruVision (certain model lines)
- Honeywell Performance Series (certain older SKUs)
- Northern Video, W Box Technologies, Alibi, ADI-branded cameras
- EZVIZ (Hikvision consumer sub-brand)
- Dahua rebrands: Amcrest, Lorex (historically), Q-See, Swann (certain SKUs), FLIR (certain lines)
A qualified low-voltage contractor can inventory your existing cameras and NVRs by MAC address prefix (OUI), firmware banner, and management interface fingerprint — usually in an afternoon — and produce a Section 889 compliance report you can hand to your grant administrator or insurance carrier.
What to Replace Hikvision With
The current market for NDAA-compliant, Trade Agreements Act (TAA)-compliant commercial cameras is deep. Common replacements used in Minnesota schools and municipal buildings include Axis Communications (Sweden), Avigilon / Motorola Solutions (U.S./Canada), Verkada (U.S., cloud-managed), Hanwha Vision / Wisenet (South Korea), i-PRO (Japan, spun out from Panasonic), Bosch (Germany), and Pelco (U.S., now Motorola). All are explicitly NDAA-compliant and appropriate for K-12, higher education, healthcare, and government use.
Modernization isn't just a swap. A proper replacement project usually includes VLAN segmentation so cameras never share a broadcast domain with student, staff, or SCADA traffic; a supported NVR or cloud recording platform with role-based access; integration with existing access control and mass notification systems; and evidence-grade resolution at the entry points your school resource officer or local PD actually asks for. Our security camera installation service page and our camera replacement guide cover the full scope.
How to Fund a Hikvision Replacement Project
Schools and government buildings have more funding options than most people realize:
- Homeland Security school safety grants (state-administered, NDAA compliance required)
- COPS School Violence Prevention Program (SVPP) grants
- State bonding and long-term facilities maintenance (LTFM) revenue for Minnesota school districts
- USDA Community Facilities grants and loans for rural municipalities
- Referendum and capital improvement funds tied to safety and infrastructure
- Cyber insurance carriers that offer premium reductions for documented Section 889 remediation
A written scope, a Section 889 compliance letter, and a phased replacement plan are usually all a grant administrator needs to approve the funding.
Local Coverage for Schools, Cities, and Government Buildings
Magnuson Low Voltage Wiring helps Minnesota and western Wisconsin school districts, city and county governments, public housing authorities, and federally funded facilities inventory their existing camera stock, produce Section 889 compliance documentation, and replace Hikvision, Dahua, and rebadged OEM equipment with NDAA-compliant systems. See our service areas and the industries we serve, including education and government.
Related Reading
For context on the broader security stack these cameras live in, see our commercial security systems buyer's guide, the hidden cost of outdated commercial technology, 2026 camera installation costs in Minnesota, and the future of school security.





