In 2019, China Tech Threat released a report on the failure of states to scrutinize the purchase of products and services from risky Chinese information technology vendors Lenovo and Lexmark which have been banned from U.S. military and intelligence networks for their connections with the Chinese government and military. The alarming fact is, despite being banned at the federal level, many states unwittingly still have purchase contracts with these dangerous companies.
At the state level, these types of attacks have been used to access sensitive personal and financial information held by various government agencies. To assess the threat level in the states and raise awareness, China Tech Threat conducted an extensive research project based on Freedom Of Information (FOIA) requests and legal action to obtain information when necessary.
Today, we released a memo to those who have been tracking our work that provides an update on what our research has yielded to date and the process used, including the following:
- There were 38 states with contracts with banned Chinese tech companies
- FOIA responses from nearly 30 states revealed more than $50 million spent on risky tech contracts
- Even following formal legal requests, TN, ME and NJ have yet to release information which could leave residents and infrastructure vulnerable to cyber threats