Jan 23, 2019

Taiwan: Island Nation to Blacklist Mainland Tech Companies

Taiwan is drafting a list of Mainland Chinese companies that present cybersecurity concerns to the island. Apart from the prominent case of Huawei, the list also includes the conglomerate ZTE. It ought to be mentioned that the new ‘blacklist’ is aimed at government departments or institutions connected to the government. The list is set to be finished by the end of March after which it will be a guiding tool. The new measures by Taiwan come  in light of similar measures being taken by other countries, such as the US or New Zealand. Analysts question whether Beijing’s threat to Taiwan could be even greater in light of the self-determination dispute.

This article was published by Nikkei Asian Review:

Taiwan is compiling a detailed blacklist of Chinese tech companies, as security concerns fuel a campaign to restrict the use of equipment from manufacturers such as Huawei Technologies.

"We will likely complete and publish a list of Chinese companies that could pose security threats by the end of March, and update the list from time to time," Jyan Hong-wei, director-general of the cybersecurity department of Taiwan's Executive Yuan, told the Nikkei Asian Review. "In that case, all government departments, organizations and government-controlled enterprises could have a clear idea when they are buying new tools."

Besides Huawei, telecom equipment maker ZTE and leading surveillance camera makers Hangzhou Hikvision Digital Technology and Dahua Technology are likely to be put on the first-wave of the list. Government agencies and state-controlled companies will be barred from using their equipment. Computer manufacturer Lenovo Group is also being considered for the ban.

Taiwan's move to expand its crackdown on Chinese tech comes as countries such as the U.S., Australia, New Zealand, Japan, the U.K. and France either block or consider banning the use of products from vendors such as Huawei. Washington and London also issued reports last year detailing the risks of using Chinese equipment.

The risk for Taiwan could potentially be greater since China claims the island as its wayward province, and refuses to rule out the use of military force to bring it under its control. FireEye, a leading U.S. cybersecurity company, said Beijing probably targeted Taiwan with cyber operations to help the pro-China opposition Kuomintang win a swathe of midterm elections in November.

The move also comes amid political tension across the Taiwan Strait. The presidents of China and Taiwan have been ramping up the rhetoric over the status of the self-ruled island. China's Xi Jinping has renewed a call for eventual reunification, while Taiwan's Tsai Ing-wen said the island will not accept a "one country, two systems" arrangement with Beijing.

Taiwan's cybersecurity chief said the list of Chinese companies will also be disclosed to private companies for procurement reference. Jyan also said his agency is working to release clear guidelines next week on the use of electronic devices in government agencies.

No government employees will be provided with Chinese smartphones, Jyan said. He added they will be banned from using messaging applications such as WeChat on their work mobile devices, as well as linking personal gadgets to government departmental intranets.

The regulations will also apply to state-owned companies such as Taiwan Water Corp., CPC Taiwan and Taiwan Power Company, as well as national medical centers and research institutions. The Cabinet will ask regulatory departments to review the use of equipment at state-controlled enterprises such as Chunghwa Telecom, China Airlines and Mega Financial Holding.

Taiwan has blocked its wireless carriers and government departments from using Huawei and ZTE equipment since 2013, but this is the first time for Taipei to come up with a list to flag security risks from an even wider range of Chinese companies.

Taiwanese President Tsai said in a New Year speech that her administration will look into security issues with Chinese equipment providers.

"We cannot allow any gaps in our information and communication security," Tsai said on Jan. 1. "To address the information and communication security controversies surrounding Chinese companies that have caused international concern, I have also asked our national security agencies to prioritize and clarify all relevant issues to ensure the information and communication security of all critical infrastructures."

Industrial Technology Research Institute, a government-owned R&D institution, and Market Intelligence & Consulting Institute, a think tank, last week posted internal notices prohibiting staff from connecting Chinese smartphones to their organization's intranets.

Some legislators have called for extending the ban on Huawei and other Chinese companies to the financial industry.

Four out of the eight state-controlled banks use either Huawei's routers or Hikvision's security camera system in their branches in Taiwan, China, Singapore and London, New Power Party lawmaker Hsu Yung-ming told the Nikkei Asian Review in December, citing information from the lenders.

"Although they have set a firewall as a precaution, who knows if the data is really secure?" the lawmaker said. "The government needs to define clearly what Chinese products cannot be used."

Photo courtesy of Wikimedia Commons