Beijing-based computer maker Lenovo has reportedly been blacklisted for years by spy agencies worldwide, as concerns about government-sanctioned Chinese hacking persist. According to the Australian Financial Review, Australia, the UK, Canada, New Zealand, and the US have all rejected Lenovo machines for their top-secret networks since the mid-2000s, though the computers can be used for lower-security tasks that don't involve sensitive information. Sources say that British intelligence agency research found "back-door" hardware and vulnerable firmware in Lenovo products, leading them to warn that the company could pose a security threat in light of its ties to the Chinese government.
"We have not received word of any sort of a restriction of sales."
Lenovo, which acquired IBM's PC wing in 2005, was apparently unaware of the alleged ban. "We have not received word of any sort of a restriction of sales," it told The Independent, saying it was "looking into this situation closely." Australia's Department of Defence told AFR that Lenovo computers hadn't been approved for secret or top-secret networks, but Britain's GCHQ declined to comment. However, this isn't the first time we've heard about trouble with security agencies. In 2006, the US State Department said that 16,000 Lenovo computers would not be used on classified systems, making sure they would not "compromise our information and communication channels." These latest reports suggest that the decision was consistent with a larger international policy, which covered the CIA, the UK's MI5 and MI6, and other agencies.
Nor is Lenovo the only Chinese company under pressure to prove that its government ties don't make it a security threat abroad. Huawei in particular has been the subject of US congressional inquiries and an alleged government probe, leading it to pull back from selling network equipment in the US. Since then, the UK has opened its own investigation of the company. Huawei and its supporters have called these moves jingoistic and even racist, saying that legislators and domestic companies are playing on fears of China to gain an unfair advantage for local business, but Chinese state-sponsored hacking has become an increasingly substantiated fear over the past year. What's not clear is whether Lenovo actually includes any of the alleged "backdoors," or whether its security vulnerabilities are meant to let prying eyes look into top-secret networks.
Update: The Australian Government's Department of Defence disputes the story. It writes that the Australian Financial Review's report is "factually incorrect," and that there is no ban on Lenovo products on its classified networks. It's not clear whether the government agency is mincing words or whether the publication truly got the story wrong. AFR originally cited a Department of Defence spokesperson that Lenovo products had never been approved for those networks, but that's not the same as a ban on them ever becoming approved in the future.
Australian Financial Review has responded to us as well, saying that the Department of Defence claims it did not understand the question that was being asked when confirming that Lenovo computers were not allowed on top secret networks. The Australian Department of Defence has not denied bans in other countries, and AFR says its sources have reiterated that their information was correct.