Brussels – Hidden microchips that allow remote access to data at any time, and potentially even spying. A new threat is emerging in the European Union from China, involving the import of technological products from Asia and their subsequent introduction into the single market. Real miniature Trojan horses that are causing concern, particularly for Tobiasz Bocheński, a Conservative (ECR) Member of the European Parliament, who is determined to call for action.
In a parliamentary question to the European Commission, the Polish MEP denounced “numerous cases” of devices from China that contained hidden chips or components not included in the technical specifications provided by the manufacturer or in the contractual documentation. For example, he denounces, “supermicro servers, used by providers of cloud services and public institutions, among others, were found to contain microscopic integrated circuits that could enable remote access to data.“ Similar incidents have also been reported in connection with closed-circuit cameras and 5G modems, with all the implications for the EU’s digital security and strategic independence.
Henna Virkkunen, Executive Vice-President for Technology Sovereignty and Security, does not deny the existence of the problem, and in her reply calls first and foremost for the import of technology goods to be directed elsewhere. “High dependency on non-European suppliers, in particular high-risk suppliers, can lead to increased information and communication technology (ICT) supply chains security risks, including the possibility of foreign interference,” the commissioner says, an implicit accusation against the Chinese government, also considered by the von der Leyen commission as hostile and potentially dangerous for the existence of the EU. Hence, Virkkunen admits, always focusing on ‘made in China’ can “compromise the EU’s digital security and strategic independence.”
The second piece of advice to protect oneself from “bad intentions” of foreign suppliers, after diversification, is to buy products with a cybersecurity certification, established by the regulation known as the Cybersecurity Act. This type of certification, continues Virkkunen, “is essential for enhancing resilience and trust in the Single Market.”, as it “expert evaluation and offers evidence to customers that ICT products, services, processes and managed security services comply with specified functional security requirements.”
English version by the Translation Service of Withub
