MI6 and MI5 ‘refuse to use Lenovo computers’ over claims Chinese company makes them vulnerable to hacking
Cahal Milmo, Independent, Jul 29 2013
Britain’s intelligence agencies, including MI6 and MI5, have allegedly banned the use of computers manufactured by Chinese company Lenovo due to concerns that the machines come hardwired with a vulnerability to hacking. Machines produced by the state-backed technology company, which is the largest PC producer in the world, are claimed to have been found in tests by MI5 and GCHQ to have modifications in their circuitry which could allow remote access to the devices without the owners’ knowledge. The discovery has led to a written banning order being issued among the “Five Eyes” alliance of British, American, Australian, Canadian and New Zealand eavesdropping agencies, including the US NSA, according to the respected Australian Financial Review. Lenovo today voiced its “surprise” at the move and denied any fault in its machines. It is the latest company with links to the Chinese state to fall foul of concerns about its hardware following similar allegations against Huawei Technologies, the telecommunications producer earlier this year banned from competing for a £24b broadband contract in Australia. GCHQ and other UK intelligence agencies declined to comment on the reports concerning Lenovo, which it is claimed has been boycotted since the mid-2000s after laboratories in Britain and elsewhere revealed vulnerabilities in hardware and firmware, the link between a computer’s hard drive and its software. Scientists are claimed to have identified highly-classified back-doors in chips used in Lenovo machines which are extremely difficult to identify and could be activated remotely to either stop targeted computers working or access their contents. As a result the agencies, ranging from the CIA to MI5, have declined to use the firm’s computers for secret and top secret networks, although Lenovo machines continue to be used by public bodies for non-sensitive work. The US State Dept announced in 2006 that it was not going to use a consignment of 16,000 Lenovo computers due to security concerns.
The alleged ban will re-open the debate about whether suspicions against Chinese technology companies, whose products are often cheaper than those of rivals, are justified or jingoistic. Huawei, which was earlier this month accused by a former head of the CIA of passing details of foreign telecommunications systems to the Chinese government, has repeatedly insisted its products are safe and challenged its detractors to provide proof for their claims. A committee of MPs last month concluded urgent measures were necessary to ensure that equipment provided by Huawei to British companies such as BT could not be used as a conduit for a cyber attack. Lenovo, which is based in Beijing, is indirectly backed by the Chinese state. The Chinese Academy of Sciences, a public body, owns more than a third of Legend Holdings, which in turn owns 34% of the computer company and is its biggest shareholder. Following the acquisition of IBM’s PC division in 2005, it has rapidly become a global player in the technology business with revenues last year of $29b and a market share of nearly 17%. In a statement, Lenovo said:
Our products have been found time and time again to be reliable and secure by our enterprise and public sector customers. We have not received word of any sort of a restriction of sales so we are not in a position to respond to this question. We are looking into this situation closely.
The Home Office declined to comment on whether Lenovo machines were accredited on secret government networks. In a statement, GCHQ said:
As a matter of policy we don’t routinely discuss the names or nature of suppliers to GCHQ on any aspect of our business.
Niqnaq 