China warns of data theft via ‘back doors’ in imported chips, smart gadgets

China’s top anti-spying agency has urged citizens to beware of data leakage through deliberately designed or maliciously embedded “technical back doors” in chips and smart gadgets produced overseas, warning of risks to national security.

The Ministry of State Security said on its official social media page on Monday that imported chips, software and smart devices for critical sectors might feature embedded “exploits” or access points at the initial design stage. These would allow malicious actors to bypass security controls and gain unauthorised access to systems, potentially causing severe data breaches, it cautioned.

“The security of hi-tech devices and information systems directly concerns national security. Citizens must remain vigilant,” the ministry said.

03:25

New CIA videos seek to lure Chinese officials to leak secrets to US

A technical back door is a software tool that allows developers to debug and patch vulnerabilities efficiently. However, it may also pose significant risks, including data theft and information leakage.

Malicious actors could exploit these covert access points to remotely activate cameras or microphones, or command background processes to collect and “exfiltrate” or steal specific data, the ministry said.

Manufacturers could also illegally invade devices through after-sales services, software update channels, by compromising open-source code repositories or tampering with code during supply chain operations, it added.

Beijing places a strong emphasis on national security in the intelligence and cyber domains, and the ministry’s warning underscores heightened vigilance over risks from foreign technology supply chains amid geopolitical tensions with the United States and state surveillance fears.