Copy
View this email in your browser
Prague Security Studies Institute is pleased to introduce its second issue of TIDS Newsletter, which will provide you with the latest updates and analysis on Technology, Infrastructure, Data & Security in the context of the Czech Republic and Central Europe with a particular focus on cyber, economic & financial security.
LATEST UPDATE ON OUR ACTIVITIES 
  • Read the interview with Keir Giles, Senior Fellow at Chatham House and expert on Russian information warfare, who was one of the lecturers at our annual Cyber Security Academy.
  • Read the analysis on (Cyber) Security in the Financial Sector in the Czech Republic that maps current security challenges that old and new, as well as private and public actors face in the financial ecosystem.
  • PSSI's Cyber Security Fellow Berta Jarosova contributed to the report by NATO Strategic Communication Centre of Excellence entitled The Role of Deepfakes in Malign Influence Campaigns.
UPDATE ON CYBER SECURITY IN THE CZECH REPUBLIC
  • Annual Public Report of the Military Intelligence of the Czech Republic notes the need for continuous development of cyber capabilities and warns against attacks and intrusions in supply chain linked to cyber security
  • Annual Public Report of the Security Information Agency, the counter-intelligence service of the Czech Republic, warns again against growing Chinese activities in cyberspace, including cyber espionage campaigns.
  • The hospital in Benešov, Central Bohemian Region in the Czech Republic, was paralyzed by a ransomware attack. Other Czech hospitals such as Military University Hospital in Prague or Regional Hospital in Liberec registered attacks on their facilities as well in the previous months.
  • Just two week after, OKD, one of the main coal mining companies in the Czech Republic, had to suspend its activities due to cyber attack. Operations are now being renewed. 
  • Czech cyber security giant Avast allegedly became a target of a cyber attack now being investigated by national authorities, including the police and the Security Information Agency of the Czech Republic.
  • Czech Office for the Protection of Competition (ÚOHS) rejected Huawei’s complaint on alleged discriminatory clauses present in the open tender of the Ministry of the Environment of the Czech Republic (MŽP). ÚOHS decided that MŽP was obliged to insert such restrictions due to the previously issued warning by the National Cyber and Information Security Agency against selected Chinese technologies and the security risks they incorporate.
  • NATO Cooperative Cyber Defence Centre of Excellence published a report on national cyber security organisation in the Czech Republic. 
  • Miroslav Feix, Head of Czech Cyber Command, warned in an interview about potential consequences of cyber attacks on national infrastructure. 
  • Czech Technical University and Czech cyber security company Avast deepen collaboration and open a new laboratory on artificial intelligence and cyber security in Prague.

TECHNOLOGY, INFRASTRUCTURE & DATA IN EUROPE AND OVERSEAS

  • The EU Member States published the first-ever joint report on the risks associated with 5G network
  • Ministry of Foreign Affairs of Hungary opens the doors to Huawei that might allow the emergency infrastructure in Hungary to be built by Huawei. 
  • Poland joins efforts with the private sector and builds strategic union with Polish telecom companies to develop 5G network. 
  • The National Cybersecurity Review by Italian parliament intelligence and security committee urges the government to exclude Chinese companies out from building 5G infrastructure. The security is said to have higher priority than open economy.
  • International Fintech Forum was held in Lithuania in November. The establishment of the China-CEEC Fintech Coordination Centre was also announced during the forum. The bilateral good relations are discernible in the case of Chinese fintech companies and the Bank of Lithuania, being the only EU institution so far to issue necessary licenses to Chinese companies, which allow them to operate on the entire EU financial market.
  • The U.S. State Department awaits the release of the EU’s 5G risk mitigation toolbox. It once again urged EU countries to adopt sufficient measures in order to prevent untrustworthy vendors to partake in the creation of 5G infrastructure.
  • The U.S. Department of Defense awarded a $10billion technology contract on Joint Enterprise Defense Infrastructure to Microsoft over Amazon, to transform its military cloud infrastructure. 
  • The U.S. Army and Navy ban soldiers from using Chinese-owned mobile app TikTok over security worries following bipartisan calls from lawmakers for regulators and the intelligence community to determine whether the TikTok presents a threat to national security and could be used to collect American citizens' personal data.
  • Chinese Directive 3-5-2 orders all Chinese governmental bodies and public institutions to replace their foreign hardware and software with domestic alternatives. The plan is to replace 30% of the hardware and software in 2020, 50% in 2021 and the rest by 2022.
  • Telefonica Deutschland chose Huawei and Nokia to build its so-called Radio Access Network, it has not yet chosen which company will build its core for 5G. The company declared that it was waiting for government approval of the deal.
  • The Chinese ambassador to the Faroe Islands allegedly threatened to thwart a trade deal between the two countries, unless Huawei was to be given a 5G contract by Føroya Tele, a Faroe Islands telecommunication operator.
  • A new report published by the Council on Foreign Relations depicts the unclear relationship between the APT17 and the Chinese Ministry of State Security. It seems that the APT17 hackers are private contractors, contrary to popular belief that APT groups are state employees of the Ministry. The conclusion is based on the fact that APT groups do not only target foreign subjects for financial gain, but Chinese citizens are affected as well. FireEye further analyses the scope of techniques and tactics of APT41. 

SPOTLIGHT: Germany Expands Foreign Investment Screening, Remains Undecided about Huawei

The German government recently released decisive plans to strengthen its foreign investment screening mechanism and, when necessary, to use government financing to block foreign takeovers of strategically sensitive German enterprises. The decision has been interpreted as an effort to undermine the expansion of Chinese control over key sectors of Germany’s large industrial base, and could have important repercussions for the countries’ economic relations.

Government investment screening is now set to cover investments in several high-tech sectors including robotics, artificial intelligence, and biotechnology, reflecting an updated view of national security as well as concerns about foreign theft of technology and intellectual property. The government would have oversight over any investments in these and other sensitive sectors involving at least a 10% foreign ownership stake. Concurrently, the government will create a permanent committee of ministers with the capacity to identify potentially harmful investments and acquire temporary blocking stakes through the state-owned development bank KfW, effectively using state funds to outmaneuver foreign investors. The stakes would later be sold at the government’s discretion to domestic or foreign entities deemed unthreatening. This approach has already been tested in July 2018 when the KfW was used to acquire a 20% stake in electricity provider 50Hertz to block a bid for the same share of the company by the Chinese state-owned enterprise State Grid.

Germany first introduced formal foreign investment screening regulations in 2004, but has seen two significant reforms to its screening mechanism in the last two years amid growing concerns about China’s expanding economic clout. In 2017 the new legislation laid out screening standards for more conventional strategic sectors including defense, energy, and critical infrastructure. Citing the need for more control over specific cases, reforms in 2018 lowered the threshold for government scrutiny from a 25% foreign stake to 10%. 


Pressure Increases for Germany to Take a Stance on Huawei

The German position on permitting the Chinese telecommunications firm Huawei to participate in the development of its national 5G network remains less clear. CDU and SPD, Germany’s two largest parties, have drafted legislation barring Huawei from the German 5G market, but German Chancellor Angela Merkel appears reluctant to commit to an outright ban. 

Meanwhile, on December 10, Telefónica SA, one of Germany’s major mobile operators, has agreed to allow Huawei to build part of its 5G network, putting pressure on Germany to finalize its position on Huawei’s presence in the country. Days later, China’s ambassador to Germany warned the German government that banning Huawei from 5G network development will be met with reduced access to Chinese markets for German exports, specifically calling attention to Germany’s automobile sales in China, which totalled roughly $15 billion in 2018. 

As Europe’s largest economy and China’s largest European trade partner, Germany’s position on economic relations with China matters both in itself and as an integral component of the emerging European consensus on how best to react to China’s growing role in the global economy. This European consensus appears to be expressed in the proposals at the 32-nation Prague 5G Security Conference last May and the October report on the EU coordinated risk assessment of 5G networks security, which clearly puts forward that components critical for national security should be sourced from trustworthy parties only.   

While a degree of uncertainty continues to surround Germany’s stance, particularly on Huawei, recent investment screening reform and parliamentary legislation make it clear that the country is not going to remain passive and ignore the issue. 
Twitter
Facebook
Website
Copyright © 2021 Prague Security Studies Institute, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.