Intelligence and defense services in the US, Britain, Canada, and New Zealand blocked Lenovo PCs from their "secret" and "top secret" networks over concerns that the systems are vulnerable to being hacked, according to reports.
The agencies banned the computers in the mid–2000s after discovering alleged back-door hardware and firmware vulnerabilities, according to the Australian Financial Review.
Lenovo, headquartered in Beijing, has become the world's largest PC vendor. It acquired IBM's PC business in 2005. IBM, which is the exclusive sponsor of Internet Evolution, continues to sell servers and mainframes approved for secret and top-secret networks.
"The classified ban highlights concerns about security threats posed by 'malicious circuits' and insecure firmware in chips produced in China by companies with close government ties," AFR says. "The Chinese Academy of Sciences, a government entity, owns 38 percent of Legend Holdings, which in turn owns 34 percent of Lenovo and is its largest shareholder."
The hardware vulnerabilities could allow people to remotely access devices without user knowledge, AFR reported.
The vendor continues to supply computers in quantity for unclassified networks in many Western nations.
Lenovo told AFR that it's unaware of the ban, adding its "products have been found time and time again to be reliable and secure by our enterprise and public sector customers and we always welcome their engagement to ensure we are meeting their security needs."
The US State Department bought 16,000 Lenovo PCs in 2006, at least 900 of which were to be used on classified networks. Then Congress applied pressure, and the State Department said it would restrict the devices' use of unclassified networks and alter future procurement policies to reflect that change, InformationWeek reported.
The US, UK, Canada, Australia, and New Zealand comprise the "five eyes" electronic eavesdropping alliance, InformationWeek says. They've reportedly configured their networks to handle classified data similarly, to allow communication between them.
The revelation about the Lenovo ban comes amid mounting concerns that the Chinese government is using equipment manufactured by Huawei or ZTE to spy on Western businesses and government agencies, InformationWeek noted. The House of Representatives Permanent Select Committee on Intelligence issued a report last year prohibiting US government agencies from purchasing or using equipment from either vendor, and urged US business to rethink their use of equipment from the companies.
General Michael Hayden, former head of the US Central Intelligence Agency and of the National Security Agency, told the Financial Review, "No, it is simply not acceptable for Huawei to be creating the backbone of the domestic telecommunications network in the United States, period." Asked whether Huawei "represent[s] an unambiguous national security threat to the US and Australia," Hayden replied, "Yes, I believe it does."
The Australian Department of Defence issued an official statement today denying it banned the use of Lenovo computers, according to The Register. But The Register goes on to note there have been no claims that there was a department-wide ban on the machines. The reported ban only extends to the secret intelligence and security agencies of the five nations, many of which aren't a part of their nations' defense departments.
Should Western nations use equipment from Huawei, Lenovo, and other companies with close ties to the US government? Should private businesses do so?
Great Wall Protections Part of China's Next-Gen Internet
China Snatches US Veterans' Data
To Improve IP Security, Consider the Source
— Mitch Wagner , Editor in Chief, Internet Evolution