Illustration: ChatGPT DALL-E 3
A worker recently faced a setback after purchasing a low-priced USB flash drive from an overseas shopping site. As soon as it was connected to the computer, malware ran automatically, causing the entire operating system (OS) to suddenly slow down and putting some files at risk of corruption.
Another worker, identified as B, was in the habit of downloading YouTube videos in advance to watch them later, but one day he nearly fell victim to ransomware (a program that demands a large sum of money for data recovery) after clicking on an ad link claiming to provide 'high-definition videos for free.' A check found that the site was a fake page originating from China.

Recently, it was confirmed that the Chinese artificial intelligence (AI) chatbot 'DeepSeek' transferred user information to 'ByteDance,' the operator of TikTok, raising concerns about personal information leakage and hacking through Chinese applications (apps) and smart devices.

From shopping apps like AliExpress and Temu to IP cams (internet cameras) and robot vacuums, it is assumed that security issues such as 'backdoor vulnerabilities' and 'weak encryption' may arise in Chinese IT products and services.

According to multiple security experts on the 21st, the security issues of Chinese IT devices and services can be broadly classified into four main types.

'Backdoor' refers to vulnerabilities implanted by manufacturers or third parties that allow covert access to devices, potentially transmitting personal information externally without the user's knowledge. 'Data leakage' refers to apps or devices sending sensitive information to specific servers without user consent or collecting information such as keyboard inputs and clipboard content.

'Supply chain attacks' involve the insertion of malware during the manufacturing or distribution stage of IT products. A representative case is the 2018 discovery of a spy chip, believed to have been installed by China, on the motherboards of Supermicro servers. 'Weak encryption' refers to the problem of some IP cams and network devices transmitting data without encryption, leaving them easily exposed to hacking.

Jun Deok-jo, CEO of the network detection and response (NDR) corporation SecuVista, said, 'The most common tactic is to implant backdoors during the manufacturing phase,' adding, 'There have been cases where footage recorded by CCTV installed in public institutions was secretly transmitted to China.' He further noted, 'Similar security issues have been confirmed in military facility security cameras, local government CCTVs, and home IP cameras, and when such backdoors are hidden, they can be difficult to detect with general security solutions,' and said, 'One must closely monitor network traffic after installation to determine if information is being secretly transmitted.'

Security experts also point out that Chinese hacker organizations often attempt attacks by distributing products containing malware or operating fake sites. Lee Ho-seok, head of the EQST (the white-hat hacker organization of SK shieldus), noted, 'There are cases where Chinese hacker organizations sell products like USB drives embedded with malware,' adding, 'There were instances where USB drives purchased for unusually low prices from overseas shopping sites like AliExpress were designed to have malware executed the moment they were plugged into a computer.'

He added, 'While the app permission structure has improved compared to the past, the risk of personal information leaking still exists if users unknowingly click "agree,"' particularly warning that some fake sites originating from China disseminate ransomware under the guise of YouTube video downloads.

The security industry is concerned that Chinese IT devices not only lead to personal information leakage but could also serve as pathways for more significant hacking attacks. If backdoors are hidden in USBs or IP cams, there is a high possibility that the attack scope could expand to corporate and public institution networks. If such large-scale infiltration occurs, confidential information from corporations or national public institutions could swiftly flow to China and other locations.

Professor Yeom Heung-yeol of the Information Security Department at Soonchunhyang University stated, 'The most serious problem is that users have no idea what information is being collected and where it is being sent.' He added, 'If personal information is transferred overseas, it should naturally require consent, but some Chinese services may not notify users or may bypass this to collect personal information illegally.'

Another area of concern is that the Chinese government may have the ability to look into information collected by its companies. Professor Kim Seung-joo from Korea University’s Graduate School of Information Security explained, 'According to China’s data security law, information collected by Chinese companies must be provided upon request from the government,' adding, 'Ultimately, it is difficult to control where and how the personal information of our citizens is used.'