ZDNet reports on how China’s Cybersecurity Law, which was passed last November, allows the government to conduct remote penetration testing on any internet-related business operating within the country. The law grants the Ministry of Public Security the authority to conduct such testing on any company that has more than five internet-connected computers. Citing a report from threat intel firm Recorded Future, it details how the remote penetration tests expose companies and their data to additional risk. "Customers, data, and systems in territorial China are not only at risk of having their data held by the Chinese government, but also are at increased risk for third-party data breaches and Chinese government surveillance," the report states.
If you want to comment on this post, you need to login.