An internal probe produced by the Pentagon’s Joint Staff (J2) claimed that products featuring components from Chinese manufacturing giant Lenovo pose a cybersecurity risk to the Pentagon and US defense contractors.
“There is no way that that company or any Chinese company should be doing business in the United States after all the recent hacking incidents,” one official, speaking on condition of anonymity, told the Washington Free Beacon.
In April, Air Force Cyber Command issued a similar warning, saying that "Lenovo products are being removed from the Approved Products List and should not be purchased for DoD use.
"Lenovo products currently in use will be removed from the network."
Others have attempted to downplay the report. A Pentagon spokesperson said that the US Defense Department has no interest in a blanket ban on the company, and stressed that cybersecurity “requires the department to perform supply chain risk management functions when acquiring products for us in its national security systems.”
This is done on a case-by-case basis, the Pentagon spokesperson added.
Ray Gorman, a spokesman for Lenovo, has dismissed the allegations.
"We have stated many times that we continue to look worldwide for opportunities that make sense for our customers and shareholders, add value to our product portfolio, and help keep us on track for continued profitable growth," he said.
The claims seem to ignore the fact that the National Security Agency (NSA) has already proved to have done exactly what the Pentagon blamed Beijing of doing.
The revelations of former NSA contractor Edward Snowden revealed that the NSA attempted to spy on Iran, Pakistan, and Cuba, by accessing the systems of Chinese telecom company Huawei.
"If the actions in the report are true, Huawei condemns such activities that invaded and infiltrated into our internal corporate network and monitored our communications," the company said in a statement.
William Plummer, vice president for external affairs at Huawei USA, called the Snowden revelations a "watershed moment."
"It’s time for responsible peers to come together and develop standards and best practices that will ensure we raise the bar to make it more challenging for those who would perpetrate cyber mischief to do so," he told the Financial Times.
The report comes in light of recent high profile cyberattacks, including last week’s DDoS attacks on Dyn that affected large portions of the United States’ northeast. While an official cause has not been identified, many were quick to blame Russia and China.