In Wake Of NSA Leaks, China Drops Major US Tech Companies From Its Approved Supplier List

from the leaks-docs,-leaking-dollars dept

The NSA continues to “save” the United States from terrorism by making it weaker. Not only has the agency actively undermined encryption standards, but its willingness to insert backdoors and spyware in any piece of hardware or software it can get its hands on has severely damaged the world’s trust of American technology.

Cloud computing providers have already felt the aftershocks of the Snowden leaks. An Open Technology Institute report published a year after the first revelation noted that many had already seen a drop-off in sales and predicted that the backlash against the NSA’s surveillance tactics could cost companies anywhere from $22-180 billion over the next three years.

Hardware makers are getting hit hard as well. One of the largest buyers of American tech products has dropped some very big brands from its approved supplier list.

China has dropped some of the world’s leading technology brands from its approved state purchase lists, while approving thousands more locally made products, in what some say is a response to revelations of widespread Western cybersurveillance.

Chief casualty is U.S. network equipment maker Cisco Systems Inc, which in 2012 counted 60 products on the Central Government Procurement Center’s (CGPC) list, but by late 2014 had none, a Reuters analysis of official data shows.

Smartphone and PC maker Apple Inc has also been dropped over the period, along with Intel Corp’s security software firm McAfee and network and server software firm Citrix Systems.

It’s certainly no surprise that Cisco would be one of the first dropped by foreign purchasers wary of NSA meddling. A leaked document detailing the agency’s hardware interdiction program contained a photo of operatives carefully unwrapping a box full of hardware destined for NSA spyware implants. While the faces of the agents may have been blurred, the logo on the box was not. As the story spread across the internet, one conclusion was drawn: Cisco products are not “safe.”

The fact that foreign hardware may arrive loaded with spyware and backdoors isn’t the only thing prompting the Chinese government to drop nearly half of its overseas security-related tech suppliers. There’s also the ongoing tension between the US and China, which has devolved into each country accusing the other of inserting backdoors into exported tech. It appears both sets of accusations are correct, but for years it was largely assumed that China was mostly alone in these efforts.

China also has a domestic market it would like to expand, which will now get a leg up from the government. As it eyes an increased exports, it is likely aware that many foreign governments and other potential purchasers consider its exports no more “secure” than NSA-infected tech shipping from the US. Purchasers will find themselves taking the “lesser of two evils” approach when seeking to obtain tech products — something that won’t always work out in favor of American companies.

Cisco has openly stated that “geopolitical concerns” — like the NSA’s interception of its products destined for foreign markets — have led to a downturn in sales. Other affected companies like Intel have yet to issue official statements detailing any NSA-related impact on their sales, but it’s clear the last 18 months of leaks have done little to raise their future expectations. OTI’s wide-open estimate on potential losses will probably never achieve sharper focus. It’s unlikely former customers are going to clearly state that unrenewed contracts or supplier list culls are due to the NSA’s actions, but surveys have indicated this concern does factor heavily into purchasing decisions.

The leaks aren’t going to stop, and what is already in the public domain will continue to take its toll. Just as certainly, the NSA isn’t going to stop looking for ways to circumvent encryption or compromise hardware. At this point, there’s no way any company can claim with certainty that they have avoided becoming part of any government’s intelligence apparatus — and that’s going to hurt them for years to come.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “In Wake Of NSA Leaks, China Drops Major US Tech Companies From Its Approved Supplier List”

Subscribe: RSS Leave a comment
Anonymous Coward says:

I don't see how any country could trust another at this point

I don’t see how any company could trust any other now with all the revelations of spying, even on allies. I think if I was a head of state, I would do whatever I could to get all tech built in my own country. Not only would my spyware be the only spyware on it, it would create jobs.

Anonymous Coward says:

Re: I don't see how any country could trust another at this point

Forgot to add, that once trust is lost, it is all but impossible to get back. It will take many, many years to earn it back and with the current state of things; it doesn’t appear that the UK and US are interested in being trusted again. Either by other countries or their own citizens.

Anonymous Coward says:

I’m not surprised. I think of it as proof to how bipartisan universal surveillance is.

Because if it wasn’t, we would see one party or the other decrying it as a “job killer” that “hurts the middle class” for cheap votes. Instead it’s either stunning silence or overwhelming support.

Yes, my cynicism is fed by Washington’s lack of cynicism in this case.

Bamboo Harvester (profile) says:

Easy Fix

NSA Headquarters

Dear China;

Please put all American products removed from your list back on the to-buy list, and we will afford you the same trade agreement we have with Britain’s GHCQ.

We give you the keys to the back doors in all US products, you give us the keys to all Chinese products, and we trade the information fully from both sets of hardware.

It’s a win-win for Intelligence agencies.

(Aside) Bob Asprin covered a scenario rather like this in his novella “The Cold Cash War”. A good read if you’ve got a half hour to kill sometime.

Geno0wl (profile) says:

They will blame

They will continue to blame Snowden, but we all know it was a matter of time before they were found out eventually anyway. And once they were found out it just would have been worse. The hubris to think they could have long term kept that going without being found out, that only Snowden was the reason they ever would have gotten caught, it rather astounding.

John Fenderson (profile) says:

Re: Lenovo anyone

“why would anyone in the west buy any of their stuff?”

Depends on who they are. Personally, I feel much less threatened by the notion that China might be spying on me than the notion that the US might be. However, major US corporations and companies that do business with the government or with sensitive businesses such as banking would rightfully feel differently.

Whoever says:

Where is the mainstream reporting?

Where are the mainstream media outlets when these stories break? Nowhere. Look at how little reporting there was of the Chicago Police’s black site.

It is clear that the media are not interested in criticizing government. As for those reporters in Chicago who knew about Homan square, but did not report it: I hope that they get “disappeared” for a few hours.

Whoever says:

Safety calculus

Before doing road improvements, there is usually an estimate of cost vs. lives saved, with the expectation that a saved life is worth somewhere around $0.5M to $1M (I don’t know the current number). I found a study that showed that the cost of saving a life in vehicle safety improvements was about $0.5M in 2002/2004.

Using a more conservative number ($1M per life saved), the NSA should be able to show that their activities saved the lives of at least 22,000 US residents and perhaps 180,000 US residents. Can’t show this? Then the NSA’s activities are a waste of resources. Resources that could be more effectively spent elsewhere.

Anonymous Coward says:

It'd be nice to have more info.

Physically installing backdoors in transit could use some deeper investigation. Specifically, how and where and with whom are these “interdictions” occurring? It would be nice to have some journalism boots on the ground shining light on that process. FedEx, UPS, USPS, DHL, et al, need to be asked some hard questions, starting with what kind of cooperation they’ve provided.

Albi Qeli says:

Re: It'd be nice to have more info.

According to James Bamford, during the Cold War the NSA managed to place a US Navy submarine close to some underwater Soviet cables in the sea of Okhotsk. They then tapped into those cables, under the cold north Pacific waters, and as a consequence, the US had full access to Soviet Navy communications.

I cannot know the details, but I don’t think the NSA would have trouble intercepting a UPS package.

Albi Qeli (user link) says:

The Chinese have found the perfect excuse to do what they always do: entice foreigners, steal their know-how, then get rid of the foreigners when no longer needed. Nothing new here.

As an aside, I am reading the Gordievsky history of the KGB. At one point in between the world wars, the US Embassy in the USSR operated without any crypto, the ambassador was not particularly worried about “secrets.” Apparently everything was above the table, and the US envoy found the Russians perfectly reasonable. The Russians on the other were not honorable: they intercepted every communication they could, brought prostitutes to honey-trap the employees, etc. It did not take long for US to institute countermeasures.

The US spooks have come a long way, needless to say. Unfortunately, the NSA has managed to turn US opinion against it. At a minimum, the NSA is guilty of not being able to keep secrets. At worst, they are the enablers of total surveillance, at the service of God-knows-who. If US citizens could do so, they would vote the agency out of existence. This spy stuff has gone too far.

xz11111000000 (profile) says:

Trust No One

It’s perfectly reasonable at this point to trust no OEM and require safety audits of critical systems. What’s unreasonable is to put blind trust in any OEM or service provider.

We are heading toward a world where major OEMs will either learn to love open source and audits, or die and an increasing number of companies roll their own commodity hardware.

Intel knows this, but have Cisco and IBM got the message?

It should be noted Huawei has cooperated with pre-installation audits for years in the UK and recently offered to open it’s source code to customers.

Did the US Senate and White House do them a favor by banning them and sending them down that road years ahead of their American competitors?


Nice work assholes.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...