According to a new report, the world’s biggest personal computer maker, Chinese firm Lenovo Group Limited has reportedly been banned from supplying equipment for networks of the intelligence and defense services of Australia, the United States, Britain, Canada and New Zealand, due to hacking concerns.
Sources from intelligence and defense entities in the UK and Australia have confirmed the ban introduced in the mid-2000s after intensive laboratory testing of its equipment. In 2006 it was disclosed that the US State Department had decided not to use 16,000 new Lenovo computers on classified networks because of security concerns.
Serious backdoor vulnerabilities in hardware and firmware were apparently discovered during the tests which could allow attackers to remotely access devices without the knowledge of the owner.
Lenovo, headquartered in Beijing, acquired IBM’s personal computer business in 2005, after which IBM continued to sell servers and mainframes that were accredited for secret and top-secret networks. GCHQ, MI5, MI6, the Australian Security Intelligence Organization, the Australian Secret Intelligence Service, and the NSA were all named as participating in the Lenovo ban.
Hardware backdoors are very hard to detect if they are well-designed, according to James Turner, an IT security analyst at IBRS, a technology research firm.
In the UK meanwhile, Huawei’s cyber-security practices are currently under review from the government, after an Intelligence and Security Committee report said the company could pose a significant threat to the UK's telecommunications industry if its self-policing security policy remained unchecked.