Warning relating to the use of certain “DeepSeek” products

2025-07-11

Dear Users,

On 10 July 2025, the National Cyber and Information Security Agency (NÚKIB) issued a warning:

relating to a cybersecurity threat involving the use of products, applications, solutions, websites and web services, including application programming interfaces, provided by Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd. or any of its predecessor, successor, parent, subsidiary, or affiliate companies (collectively, the “affected products”).

This warning does not apply to security testing, research, and analysis of the affected products or to the open-source large language models of Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd, whose entire source code is publicly available and analysable, provided that the model is deployed locally without the ability to communicate with servers used by Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd. or any of its predecessor, successor, parent, subsidiary, or affiliate companies.

From a cybersecurity perspective, this is a high-level threat.

Based on the issued warning, CU is taking the following security measures:

A ban on the use of the products, applications, solutions, websites, and web services, including application programming interfaces, provided by Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd. or any of its predecessor, successor, parent, subsidiary, or affiliate companies for business purposes on any work-related device (e.g. desktop, mobile phone, laptop, tablet) or on any personal device that you connect to our network.

The ban does not apply to security testing, research, and analysis of the affected products or to the open-source large language models of Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd., whose entire source code is publicly available and analysable, provided that the model is deployed locally without the ability to communicate with servers used by Hangzhou DeepSeek Artificial Intelligence Basic Technology Research Co., Ltd. or any of its predecessor, successor, parent, subsidiary, or affiliate companies.

The full version of the warning can be found here (in Czech) and the methodology for the warning here (in Czech).

Thank you for your cooperation.

Cybersecurity Manager, Head of the Cybersecurity Department