The security of products made by Chinese manufacturer Lenovo has been called into question by revelations that the UK and a host of other countries have banned use of the company’s equipment within intelligence and defence networks.
According to an investigation from the Australian Financial Review, researchers uncovered backdoor vulnerabilities and firmware weaknesses in Lenovo chips that make its devices susceptible to hacking.
Now the number one PC maker in the world, Lenovo has ownership ties to the state-run Chinese Academy of Sciences, and becomes the latest firm from China to arouse security concerns among western governments. It has nevertheless offered a swift rebuttal to suggestions its products are flawed.
AFR had been told by multiple defence and intelligence sources in the UK and Australia that a written ban introduced in the mid-2000s prevents Lenovo products from being used in the “classified” intelligence networks of Britain, Australia, the US, Canada, and New Zealand due to the vulnerabilities exposed.
British intelligence labs reportedly took the lead role in investigating the products’ security credentials, and found malicious modifications to Lenovo’s circuitry that could enable remote access to devices without the user’s knowledge. The findings echo concerns about the networking products of Lenovo’s Chinese counterpart Huawei, which prompted a US congressional committee to recommend the firm was shut out of American markets to spare the country from espionage influenced by China’s government.
In the UK meanwhile, Huawei’s cyber-security practices are currently under review from the government, after an Intelligence and Security Committee report said the company could pose a significant threat to the UK's telecommunications industry if its ‘self-policing’ security policy remained unchecked.
Huawei has persistently refuted the claims raised by western governments and believes it is the victim of a smear-campaign. In a statement earlier this month, the group’s Global Cyber Security Officer, John Suffolk, said, "Huawei meets the communication needs of more than a third of the planet and our customers have the right to know what these unsubstantiated concerns are. It's time to put up or shut up."
Lenovo has also moved to allay fears over the security of its products, telling AFR it was unaware of the ban. The company said its “products have been found time and time again to be reliable and secure by our enterprise and public sector customers and we always welcome their engagement to ensure we are meeting their security needs”.