The Executive Yuan yesterday unveiled guidelines asking central and local government agencies to tally in-use information and communications technology devices that could pose a risk to the nation’s information security and disconnect any potentially hazardous devices from government networks.
The check should be completed within three months based on assessments of the risks the devices could pose to the government’s operations and social security, Executive Yuan spokeswoman Kolas Yotaka told a news conference in Taipei.
Any device deemed to pose an information security risk whose life span has expired should be replaced and disposed of before the end of this fiscal year, while a timetable for elimination should be set for devices that have not reached the end of their lives, she said.
The Guidelines Restricting the Use of Products Threatening Information and Communication Safety went into effect on Thursday afternoon after they were signed by Premier Su Tseng-chang (蘇貞昌), Kolas said.
They apply to government agencies, state-run enterprises and science parks whose work is related to eight categories of key infrastructure: water, energy, communications, transportation, finance, science parks, government agencies and emergency medical services, she said.
Devices that are to be regulated include servers, webcams, drones, cloud-based applications, backbone networks, software and antivirus software, as well as systems whose development has been contracted out, she added.
As guidelines are a type of lower-ranking law, they do not include any punishments for local governments that fail to comply, Kolas said, adding that the Executive Yuan could only encourage local administrations to adhere to the guidelines.
However, relevant agencies are compiling a list of information and communications technology device manufacturers that would be banned from government use, Kolas said.
They are also considering introducing enforcement rules to complement the list, meaning that there would be consequences — for example, administrative fines or lawsuits — for local governments that procure products made by companies on the list, she said.
The list would be published in three months at the earliest, she added.
The Executive Yuan originally targeted only products made by Chinese companies, but later widened the scope to include all products manufactured overseas that could threaten the nation’s information security, Kolas said.
Also being deliberated is whether the central government should introduce a total ban on devices manufactured in China, or only those made by Chinese information and communications technology companies, she said.
Brands that are under review and could make the list include ZTE Corp (中興通訊), Lenovo Group (聯想) and Hikvision Digital Technology Co (海康威視), an official familiar with the matter said.
Asked whether the ban should also be followed by private companies whose work or services involve the eight categories of key infrastructure, Kolas said that they and their governing agencies should work out an agreement.
For example, the National Communications Commission should discuss the issue with privately run telecoms, such as Taiwan Mobile Co (台灣大哥大), as should science park administration offices with firms in the parks, she said.
China would attack Taiwan if there is no other way of stopping it from becoming independent, Chinese General Li Zuocheng (李作成) said yesterday. Speaking at Beijing’s Great Hall of the People on the 15th anniversary of China’s “Anti-Secession” Law, Li, who is chief of the Joint Staff Department of the Chinese People’s Liberation Army Central Military Commission, left the door open to using force. The 2005 law is China’s legislative basis for military action against Taiwan. “If the possibility for peaceful reunification is lost, the people’s armed forces will, with the whole nation, including the people of Taiwan, take all necessary steps to
SECURITY CONCERNS: The Telecom Technology Center ran black-box tests for the Executive Yuan on devices and software from Chinese, US and South Korean firms Network devices from several Chinese manufacturers are insecure and allow personal information to be leaked, testing commissioned by the Executive Yuan has shown. A variety of devices and software, including apps, from Chinese, US and South Korean manufacturers that are used by government agencies at the central and local level were subjected to black-box testing — in which the functionality of an application is examined without knowing about its internal structure, an information-security official said yesterday on condition of anonymity. The Telecom Technology Center conducted the tests, which simulated cyberattacks, to determine their resilience to the attacks, the official said. The center
Americans awoke yesterday to charred and glass-strewn streets in dozens of cities after another night of unrest fueled by rage over the mistreatment of African Americans at the hands of police, who responded to the violence with tear gas and rubber bullets. Tens of thousands marched peacefully through streets to protest the death of George Floyd, a black man who died on Monday last week after a white Minneapolis police officer pressed his knee on his neck until he stopped breathing. However, many demonstrations sank into chaos as night fell: Vehicles and businesses were torched. The words “I can’t breathe” were
EXTRA INVITATIONS: Russia, Australia, South Korea and India would be asked to a later summit dedicated to countering China, Donald Trump said US President Donald Trump has been forced to cancel a planned face-to-face summit of G7 leaders this month and now wants to host an expanded meeting in September dedicated to countering China to which Russian President Vladimir Putin would be invited. Trump on Saturday announced that he had canceled the June meeting, which he had billed as a symbol of the US “transitioning back to greatness,” after German Chancellor Angela Merkel told him in a telephone call that she saw the summit in Washington as a health risk. Hundreds of security staff, journalists and officials also attend the two-day summits. Reports suggest