On May 24 Microsoft warned that China-sponsored hackers gained access to critical cyber infrastructure in U.S. government and communications organizations. Similar threats are posed by restricted Chinese technology purchased by many U.S. states, including Ohio which spent more than $200,000 dollars on dangerous PRC technology, making its data and infrastructure vulnerable to Chinese surveillance.
According to China Tech Threat’s (CTT) fact sheet, between 2016 and 2022, Ohio spent $240,194 on dangerous technology from Lexmark and Lenovo, manufacturers already restricted by U.S. military and intelligence agencies due to their connections to the Chinese government and military. This technology was purchased by the Bureau of Workers’ Compensation, the Department of Natural Resources, and the Department of Rehabilitation and Correction, making sensitive state and citizens’ data entrusted to these agencies vulnerable to Chinese infiltration. (You can read more about the risks of Lexmark, Lenovo and two other dangerous Chinese government-owned tech manufacturers in our May briefing paper.)
In January, Governor Mike DeWine prohibited the use of apps, websites, and social media platforms owned by entities in China. This is a commendable first step, but more can be done.
CTT recommends Ohio’s legislators follow a growing number of states that have enacted legislation to ban state agencies from purchasing and deploying Chinese technology. Specifically, the Buckeye State can mirror the efforts of South Dakota’s Governor Kristi Noem who signed SB 189 into law in March, Idaho’s Governor Brad Little who signed HB 294 and Arkansas’ Governor Sarah Huckabee Sanders who signed HB 1789 in April, and, most recently, on May 1 Indiana’s Governor Eric Holcomb who signed SB 477.
CTT will continue to monitor the threats to Ohio’s data and any efforts taken to protect it.
Follow us on Substack for all our content!