Understand New implemented China Cyber Law – 2019

Aim to security:
The new regulations on China’s Cybersecurity Law on November 2018 grant China cyber security agencies (the legal authority) to conduct remote testing of any Internet-related business operating in China.
Their authority is possible to copy and share any data that government officials find on the system being inspected.

MPS (The Ministry of Public Security (MPS) ) is able to execute the following authorities:

  1. Conduct on-site or remote inspection of network security defenses taken by companies operating in China.
  2. Check for prohibited content in China.
  3. Record the safety response plan during the on-site inspection.
  4. Copy any user information found on the system being inspected during a live or remote inspection.
  5. Perform a penetration test to check for vulnerabilities.
  6. Perform a remote check without notifying the company.
  7. Share any collected data with other state agencies.
  8. During the on-site inspection, two members of the PAP (Chinese People’s Armed Police Force) had the right to enforce the procedure.

Original:
對在中國運營的公司採取的網絡安全防禦進行現場或遠程檢查。
檢查中國境內禁止的“禁止內容”。
在現場檢查期間記錄安全響應計劃。
在現場或遠程檢查期間複製在被檢查系統上找到的任何用戶信息。
執行滲透測試以檢查漏洞。
在不通知公司的情況下執行遠程檢查。
與其他州政府機構共享任何收集的數據。
在現場視察期間有兩名人民武裝警察(PAP)成員執行程序的權利。

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.