The National Cyber and Information Security Agency (NÚKIB) supports the statement made by its partners in the United Kingdom, who draw attention to the malicious activities of companies Anxun Information Technology (also "I-S00N") and Beijing Integrity Technology (also "Integrity Tech") operating in cyberspace and based in the People’s Republic of China (PRC). These companies are part of a complex ecosystem of private entities in the PRC that, among other things, develop offensive tools for the local intelligence and security services and, with the knowledge of the PRC government, carry out operations against the Czech Republic and its allies. National security institutions and international organizations are increasingly coordinating their efforts to draw attention to China’s malicious activities.
Based on its own findings and information from domestic and foreign partners, NÚKIB has repeatedly warned against activities originating from this ecosystem, including those carried out by state actors. These activities pose a growing threat to the Czech Republic, as evidenced by the APT31 cyber campaign, which the Czech government publicly attributed to the PRC in 2025, as well as joint advisories prepared with foreign partners, particularly those from September 2025 focusing on the actor Salt Typhoon.
NÚKIB is therefore publishing its own analysis of I-S00N, which provides a detailed look at how it operates within the ecosystem of private companies whose malicious activities are enabled, supported, and exploited by the PRC. According to information leaked on the Github website, Chinese company I-S00N was developing offensive cyber tools, including hardware tools for penetration testing, on behalf of Chinese state institutions. The named recipients of these tools include various local offices of the Chinese Ministry of Public Security, the Ministry of State Security, and the Chinese People's Liberation Army, and it is likely that the tools were also used by other institutions.
"This situation is supported by the legal and political environment in the PRC, which gives the government extraordinary control over the internet and technology companies. The Chinese Communist Party intervenes in all areas of society, including non-governmental organizations, state-owned and private enterprises, and branches of foreign companies. In addition, the state influences formally private companies through ownership shares known as "Golden Shares" and mandatory party cells, which are established within companies under a 2013 law," said Martina Ulmanová, deputy director for Strategic Affairs and Engagement at NÚKIB. NÚKIB drew attention to the problematic legal and political environment in the PRC in a warning issued on September 3, 2025, among other things.
The PRC's support and use of malicious cyber activities by private entities violates UN standards for responsible state behaviour in cyberspace, thereby acting in contravention of its international obligations and its own public statements.
The UK press statement can be found here: https://www.gov.uk/government/news/uk-clamps-down-on-china-based-companies-for-reckless-and-irresponsible-activity-in-cyberspace