US Navy Looks to Dump Lenovo Servers on Security Concerns – Report

Written by

The US Navy is reportedly looking for a new server supplier for some of its guided missile cruisers and destroyers due to security concerns around Lenovo’s recent purchase of IBM’s x86 server division.

The Chinese hardware giant acquired IBM’s System x, BladeCenter and Flex System blade servers and switches, and its NeXtScale and iDataPlex servers and software in autumn last year in a $2.1bn deal – propelling it to a position as the third largest x86 server provider globally.

However, that’s not gone down too well with the government, according to USNI News.

“The Department of Homeland Defense identified security concerns with the IBM Blade Center sale and placed restrictions on federal government procurement of Lenovo Blade Center server products,” Navy spokesman Dale Eng told the site.

The decision will affect the Navy’s Aegis Combat System – an integrated naval weapons system developed by Lockheed Martin which includes ballistic guided missile destroyers and cruisers.

According to the report, IBM x86 BladeCenter HT servers were included in “Aegis Technical Insertion (TI) 12” hardware upgrades for the combat system.

The Integrated Warfare Systems’ Aegis program office is apparently working with the Department of Defense Committee on Foreign Investment in the United States Mitigation Development and Compliance Monitoring Team, in order to find an alternative supplier.

Lenovo has been called out for national security concerns in the past, when an Australian Financial Review (AFR) article claimed two years ago that ‘Five Eyes’ intelligence agencies had banned Lenovo PCs after finding backdoor vulnerabilities.

The Australian Department of Defence subsequently claimed it had not instituted a ban but that Lenovo had not requested to be accredited for Top Secret and Secret Networks.

AFR countered that it had been talking specifically about the Australian part of the five eyes intelligence alliance, called the Defence Signals Directorate, which may operated under “unique directives”. It added that it had been told the British intelligence services had instituted a formal ban on Lenovo computers on classified networks.

Both China and the US have become increasingly wary of allowing the sale of commercial technology from the other superpower inside their respective countries.

In 2012, a congressional committee effectively banned telecoms infrastructure firms Huawei and ZTE from competing in the US market after noting national security concerns.

Since revelations of NSA spying and tampering with US-made kit bound for export, China has also been cracking down on US providers of late.

Ironically, reports from a year ago suggested that the government had asked banks to replace IBM servers with domestic kit as part of a new trial.

Beijing has already announced strict new vetting for any products headed for government use, which may effectively prevent many US firms from competing in this highly lucrative market, as they’d have to open their products and source code up to inspection.

Infosecurity reached out to Lenovo for a response but had not heard back at the time of writing.

What’s hot on Infosecurity Magazine?