Full Report
The AI products from Chinese company DeepSeek present unacceptable national security risks, Czechia said in banning the software from government use.
Analysis Summary
# Threat Actor: Chinese State-Sponsored Actors (Attribution linked to Beijing)
## Attribution & Identity
The threat is attributed to **Beijing** (Chinese Communist Party/Government) utilizing software from Chinese companies like DeepSeek for intelligence purposes. While no specific APT codename is named for the current activity, the context strongly suggests state-sponsored espionage activities targeting international interests. The Czech NÚKIB previously accused the Chinese government of hacking the Czech ministry of foreign affairs, referencing **APT31**.
## Activity Summary
The primary activity detailed is the suspected exploitation of the Chinese AI company **DeepSeek's** Large Language Model (LLM) products for intelligence gathering on behalf of the Chinese government. Czechia, along with 9 other countries, banned or warned against using DeepSeek software due to these security concerns. The inference is that Beijing will leverage domestic national security and intelligence laws to coerce DeepSeek into sharing user data for espionage.
## Tactics, Techniques & Procedures
- **Data Exfiltration/Collection:** DeepSeek mobile applications are assessed to "almost certainly collect all the content that the user provides to both the chatbot and the associated services."
- **Legal Coercion/Supply Chain Risk:** Utilizing Chinese domestic legislation (National Security Law 2015, Counter-Espionage Law 2014, Company Law 2013, National Intelligence Law 2017) to compel cooperation from the software vendor.
- **Dual-Use Exploitation:** The founder of DeepSeek has historical links to research involving dual-use technologies, specifically autonomous vehicles in battle spaces.
- **Infrastructure Placement:** User data is stored on servers located in China and the **Russian Federation**.
- *MITRE ATT&CK IDs are not explicitly provided in the source material.*
## Targeting
- **Sectors:** Government/State Entities (implied by the Czech government banning the software), and any user utilizing the DeepSeek LLM/chatbot services.
- **Geography:** Global; specifically noted are the **Czech Republic** (a long-term target), Netherlands, Australia, Canada, South Korea, India, and Italy.
- **Victims:** Czech Ministry of Foreign Affairs (mentioned in historical context), and potentially any national government entity or employee using the software.
## Tools & Infrastructure
- **Malware families used:** No malware family is named; the software of concern is the DeepSeek LLM software/mobile application.
- **Infrastructure (C2, domains, IPs):** User data stored on servers in **China** and the **Russian Federation**. (No specific C2 domains or IP addresses were listed.)
## Implications
The threat reflects a high-level national security risk stemming from the convergence of commercial AI technology and PRC legislative requirements, making software supply chain verification critical. Given that Czechia and allied NATO/EU states have been targets previously, this intelligence operation represents an ongoing, sophisticated effort to gather sensitive information via popular digital tools.
## Mitigations
- Immediate **banning/removal** of DeepSeek software and products from official government devices and networks (as implemented by Czechia).
- Heightened scrutiny of software products originating from jurisdictions with broad state access laws (PRC).
- Organizations should assume that input data provided to AI language models from high-risk vendors may be accessible to foreign intelligence services.