The National Cyber and Information Safety Agency (Nukib) of the Czech Republic is instructing important infrastructure organizations in the country to use Chinese technology or to avoid transferring user data to servers located in China.
The agency warned that these actions constitute an important cyber security threat and should be completely avoided until there is a proper justification to continue the practice.
Nukib states that it has revalled the estimate of its risk of important disruption caused by China, now it has been assessed at the “high” level, indicating the high probability of the event.
“Current important infrastructure systems are dependent on storing data in cloud repository and enabling remote operations and updates on processing and on network connectivity,” Reads the warning,
“In practice, this means that the technology solution provider can fundamentally affect the operation of the important infrastructure and reach/or reach significant data, allowing the supplier’s reliability to be completely important to rely.”
Nukib said it has already confirmed the malicious activities of the Chinese cyber-actors targeting the Czech Republic, including recent APT31 expeditions that targets the Ministry of External Affairs.
Additionally, the agency emphasizes that the Chinese government has access to data stored by private cloud service providers within the country, ensuring that sensitive data is always within its reach.
In addition to significant infrastructure, Dukti Consumer devices, such as smartphones, IP cameras, electric cars, large language models and even medical devices and even photovoltaic converters manufactured by Chinese firms warns.
All these are characteristic in the form of risky devices that can transfer potentially sensitive data to Chinese infrastructure.
All institutions under the Czech Cyber Security Act, including energy, transport, healthcare, public administration, financial services and other important industries, should adopt security measures to reduce risks.
The Nukib warning does not ban the ban on transfer of data to PRC or allowing remote administration, but important infrastructure organizations should now include a danger in their risk analysis and decide what measures need to be implemented to reduce it.
Order, with its full text Available hereIt is not legally binding to the general public.
However, the dam still recommends that the Czech citizens carefully consider the bulletin and evaluate the products they use.
The passwords broke in 46% of the atmosphere, almost doubled by 25% last year.
Picus Blue Report 2025 Now get a wider look at more conclusions on prevention, detection and data exfIs.
