CybersecurityGadgetsNewswireTechnology

Czech Agency Warns of Chinese Tech Risks in Critical Infrastructure

▼ Summary

– The Czech Republic’s cybersecurity agency (NUKIB) advises critical infrastructure organizations to avoid using Chinese technology and transferring user data to Chinese servers due to significant cybersecurity threats.
– NUKIB has reassessed the risk of disruptions caused by China as “High,” citing increased dependency on cloud storage and remote operations in critical systems.
– The agency has confirmed malicious activities by Chinese cyber-actors targeting the Czech Republic, including an APT31 campaign against the Ministry of Foreign Affairs.
– NUKIB warns that the Chinese government can access data stored by private cloud providers in China, making sensitive data vulnerable to exposure.
– The warning extends to consumer devices like smartphones and medical equipment from Chinese firms, which may transfer sensitive data to Chinese infrastructure.

The Czech Republic’s National Cyber and Information Security Agency (NUKIB) has issued a strong advisory urging operators of critical infrastructure to steer clear of Chinese technology and refrain from sending user data to servers based in China. This guidance stems from a heightened risk assessment that now classifies potential disruptions linked to China as posing a high probability of occurrence, elevating concerns over national security and data integrity.

According to the agency, modern critical systems rely heavily on cloud storage and remote network operations, making the trustworthiness of technology suppliers absolutely essential. NUKIB emphasized that providers of these solutions hold substantial influence over infrastructure functionality and data accessibility, underscoring the need for rigorous vendor evaluation.

The warning follows confirmed instances of malicious cyber activity by Chinese actors targeting Czech institutions, including a recent campaign aimed at the Ministry of Foreign Affairs. NUKIB also highlighted that under Chinese law, the government maintains access to data held by private cloud providers within its borders, ensuring that sensitive information remains within state reach.

Beyond traditional infrastructure, the advisory extends to consumer products such as smartphones, IP cameras, electric vehicles, and even medical devices originating from Chinese manufacturers. These items are flagged as potential conduits for transferring sensitive data to Chinese infrastructure, broadening the scope of cybersecurity vigilance.

Entities governed by the Czech Cybersecurity Act, spanning energy, transportation, healthcare, public administration, and financial sectors, are now required to incorporate these threats into their risk analyses and implement appropriate mitigation strategies. While the directive does not impose an outright ban, it mandates that organizations justify any continued use of such technologies and adopt protective measures.

Although the bulletin is not legally binding for the general public, NUKIB encourages all Czech citizens to review its recommendations and thoughtfully assess the technology products they use in both personal and professional contexts.

(Source: Bleeping Computer)

Topics

cybersecurity threats 95% chinese technology 93% data transfer 90% critical infrastructure 88% risk assessment 85% cloud security 82% government access 80% apt campaigns 78% consumer devices 75% remote administration 72%

The Wiz

Wiz Consults, home of the Internet is led by "the twins", Wajdi & Karim, experienced professionals who are passionate about helping businesses succeed in the digital world. With over 20 years of experience in the industry, they specialize in digital publishing and marketing, and have a proven track record of delivering results for their clients.