Security News > 2020 > December > US Department of Homeland Security warns American business not to use Chinese tech or let data behind the Great Firewall
The United States Department of Homeland Security has published a guide to the terrifying risks that businesses will expose themselves to if they use tech created in the Peoples' Republic of China or engage in any business activity with the Middle Kingdom.
The fifteen-page "Data Security Business Advisory" [PDF] opens by warning "Businesses expose themselves and their customers to heightened risk when they share sensitive data with firms located in the PRC, or use equipment and software developed by firms with an ownership nexus in the PRC.".
China's new Data Security Law, due to come into force in 2021, also gets a lashing on grounds that it offers China's government further surveillance powers and will "Force foreign markets to remain open to Chinese data services providers."
The Department therefore advises American businesses that any data they hold in Chinese data centres won't be secure, Chinese-designed hardware has backdoors, and joint ventures with Chinese firms will see third-party data shared around.
Once it's done scaring readers, the document suggests businesses "Should minimize the amount of at-risk data being stored and used in the PRC or in places accessible by PRC authorities" and "Acquire a thorough understanding of the ownership of data service providers, location of data infrastructure, and any tangential foreign business relationships and significant foreign investors."
News URL
Related news
- Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)
- Asda security chief replaced, retailer sheds jobs during Walmart tech divorce (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- US space tech giant Maxar discloses employee data breach (source)
- US senators propose law to require bare minimum security standards (source)
- 8 US telcos compromised, FBI advises Americans to use encrypted communications (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)