China to block IT products that don't pass cybersecurity vetting

Tensions are rising between China and the U.S. over cyber security issues

China is threatening to block companies from selling IT products in the nation if they fail to pass a new "cybersecurity vetting system" meant to weed out secret spying and surveillance activities.

Major IT products and services that relate to national security or public interests will be vetted under the new system, China's state-controlled Xinhua News Agency announced on Thursday.

The regulations come from China's State Internet Information Office and are meant to safeguard the country, according to the Xinhua report. But they also come amid rising tensions with the U.S. on security issues that could potentially disrupt relations between the two nations.

Earlier this week, the U.S. took unprecedented action and indicted five Chinese military officers for allegedly hacking into several U.S. companies. Lasting from 2006 to this year, the alleged cyberattacks stole trade secrets that were then supplied to rival Chinese companies.

Analysts believe the U.S. indictment will put a spotlight back on China's corporate espionage activities. But so far, the accusations have been met with a harsh response from Chinese officials, who deny that the nation has ever engaged in state-sponsored hacking.

The Chinese government is demanding the U.S. withdraw the indictment. In addition, officials have been portraying the U.S. as a hypocrite that engages in its own cyber-espionage activities. They point to recent leaks former National Security Agency contractor Edward Snowden, which claim that the U.S. has been spying on Chinese schools and companies.

On Thursday, China's State information Office also cited the Snowden leaks as a reminder of why cybersecurity is needed, according to the Xinhua report. It went on to state that China's government departments, companies, universities and telecommunication firms have all been victims of wiretapping and intrusion.

Specific details were not given on how the vetting system will work. But it has the potential to limit business for U.S. tech firms, including Microsoft, IBM and Cisco, none of which immediately responded to a request for comment.

The U.S. has already taken similar action against Chinese telecommunication equipment suppliers Huawei and ZTE. In 2012, a U.S. congressional committee concluded that both companies were a security threat due to their alleged ties with the Chinese government. The committee advised that U.S. companies buy their networking gear elsewhere.

Join the CSO newsletter!

Error: Please check your email address.

Tags distributionregulationsecurityChinagovernment

More about CiscoDOJHuaweiIBM AustraliaMicrosoftNational Security AgencyXinhua News AgencyZTE

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Kan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts