TL;DR
The Czech Republic’s National Cyber and Information Security Agency (NUKIB) has issued a warning about the growing risks posed by Chinese-linked technologies to critical infrastructure sectors, including energy, healthcare, and transportation. The agency highlighted threats from the APT31 cyberespionage group and vulnerable devices like IP cameras, smart meters, and AI models. This alert follows a 2025 cyberattack attributed to APT31, which targeted Czech ministries and raised concerns about national security and data sovereignty.
---
Czech Cybersecurity Agency NUKIB Warns of Chinese Cyber Threats to Critical Infrastructure
Introduction
The Czech Republic’s National Cyber and Information Security Agency (NUKIB) has raised alarms about the increasing risks posed by Chinese-linked technologies to the country’s critical infrastructure. In a recent statement, NUKIB warned that devices and technologies connected to China—such as IP cameras, smart meters, healthcare systems, and AI models—could enable cyberespionage and unauthorized data access. The agency specifically cited the APT31 cyberespionage group, which has been linked to multiple attacks on Czech and NATO systems.
This warning comes amid growing concerns about China’s influence over global technology supply chains and its potential to exploit vulnerabilities in critical sectors like energy, healthcare, and transportation.
---
Key Risks Highlighted by NUKIB
#### 1. Dependence on Chinese-Linked Technologies
NUKIB emphasized that critical infrastructure systems are increasingly reliant on cloud storage, remote operations, and network connectivity, making them vulnerable to external influence. The agency stated:
> “The penetration of these technologies and devices into critical industries (such as transport, energy, healthcare, public administration, and others) is growing and will continue to grow in the future. Suppliers of technological solutions have the ability to fundamentally influence the operation of critical infrastructure and/or access important data.” [^1]
#### 2. Vulnerable Devices and Data Transfers
Many devices and cloud services transmit data to or are managed from China, giving suppliers unprecedented control over operations and access to sensitive information. NUKIB identified the following high-risk products:
- IP cameras (e.g., Hikvision)
- PV inverters and smart meters
- Healthcare technologies
- Smartphones, watches, and connected vehicles
- Large language models (LLMs) and AI systems
#### 3. Legal and Political Risks in China
NUKIB noted that Chinese laws and policies grant authorities broad powers to access data, pressure private firms, and compel cooperation in state-led espionage. This legal framework increases the risk of data leaks and unauthorized access by foreign actors.
---
APT31: A Persistent Cyber Threat
#### 1. Overview of APT31
APT31, also known as Zirconium or Judgment Panda, is a China-linked cyberespionage group that has been active for over a decade. The group is notorious for targeting government agencies, diplomatic entities, and private corporations to steal sensitive data, including:
- Diplomatic cables
- Industrial designs
- Political strategy documents
#### 2. Recent Attacks on Czech Infrastructure
In May 2025, the Czech government publicly condemned China after APT31 was linked to a cyberattack on the nation’s critical infrastructure. The attack, which targeted an unclassified system within a Czech ministry, went undetected for an extended period. A joint investigation by Czech intelligence agencies concluded with high confidence that the attack was orchestrated by Chinese state-sponsored actors[^2].
The European Union (EU) and NATO expressed solidarity with the Czech Republic, condemning the attack and warning that such activities undermine international cybersecurity norms.
---
Implications for Czech Organizations and Citizens
#### 1. Mandatory Cybersecurity Measures
Under the Czech Cyber Security Act, organizations operating in critical sectors are required to:
- Assess risks associated with Chinese-linked technologies.
- Implement protective measures to mitigate potential threats.
- Ensure compliance with national cybersecurity standards.
While there is no outright ban on Chinese technologies, NUKIB has urged organizations to exercise caution and prioritize data sovereignty.
#### 2. Recommendations for Citizens
Although the warning is not legally binding for individuals, NUKIB advises citizens to:
- Evaluate the security of their devices and cloud services.
- Limit data sharing with untrusted platforms.
- Stay informed about potential cyber threats.
---
International Response and Future Outlook
#### 1. EU and NATO Condemnation
The European Union issued a statement condemning APT31’s activities and called on member states to strengthen cybersecurity defenses. The EU emphasized that no country should allow its territory to be used for malicious cyber operations[^3].
#### 2. Broader Geopolitical Concerns
The Czech warning reflects a global trend of increasing scrutiny over Chinese technological influence. Countries like the United States, United Kingdom, and Australia have also taken steps to restrict or ban certain Chinese-made technologies in critical sectors.
#### 3. Future Steps for Cybersecurity
To address these threats, NUKIB recommends:
- Enhancing collaboration between government agencies and private sectors.
- Investing in secure alternatives to high-risk technologies.
- Promoting international cybersecurity standards to counter state-sponsored threats.
---
Conclusion
The NUKIB warning underscores the urgent need for robust cybersecurity measures to protect critical infrastructure from Chinese-linked threats. With APT31 and other state-sponsored groups actively targeting global systems, governments and organizations must prioritize risk assessment, data protection, and international cooperation. For citizens, awareness and caution in technology use are essential to mitigate potential risks.
As cyber threats evolve, the Czech Republic’s proactive stance serves as a model for other nations facing similar challenges.
---
Additional Resources
For further insights, check:
- [NUKIB Official Statement on Chinese Cyber Threats](https://nukib.gov.cz/cs/infoservis/aktuality/2294-nukib-vydal-varovani-pred-hrozbou-spocivajici-v-predavani-dat-a-ve-vykonu-vzdalene-spravy-z-cinske-lidove-repub)
- [Security Affairs: APT31 Cyberattacks on Czech Infrastructure](https://securityaffairs.com/181976/intelligence/czech-cyber-agency-nukib-flags-chinese-espionage-risks-to-critical-infrastructure.html)
- [EU Statement on Malicious Cyber Activities](https://www.consilium.europa.eu/en/policies/cybersecurity/)
---
References
[^1]: NUKIB (2025). "[NUKIB vydal varování před hrozbou spočívající v předávání dat a ve výkonu vzdálené správy z Čínské lidové republiky](https://nukib.gov.cz/cs/infoservis/aktuality/2294-nukib-vydal-varovani-pred-hrozbou-spocivajici-v-predavani-dat-a-ve-vykonu-vzdalene-spravy-z-cinske-lidove-republiky/)". NUKIB. Retrieved 2025-09-08.
[^2]: Security Affairs (2025). "[Czech Republic accuses China’s APT31 of a cyberattack on its Foreign Ministry’s unclassified network](https://securityaffairs.com/178399/apt/czech-republic-accuses-chinas-apt31-of-a-cyberattack-on-its-foreign-ministrys-unclassified-network.html)". Security Affairs. Retrieved 2025-09-08.
[^3]: European Union (2025). "[Statement by the EU on Malicious Cyber Activities](https://www.consilium.europa.eu/en/policies/cybersecurity/)". European Council. Retrieved 2025-09-08.