Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Number of Chinese Devices in US Networks Growing Despite Bans

An analysis by Forescout shows 300,000 Chinese devices in the US, up 40% compared to the previous year, despite bans.

An analysis conducted recently by cybersecurity firm Forescout shows that the number of Chinese-manufactured devices present in US networks has been increasing over the past year, despite efforts to prevent the use of such products due to security concerns.

Over the past years, the United States government has taken action to reduce the potential risks posed by the use of products made in China, banning the sale of communications equipment and allocating significant amounts of money to help organizations replace Chinese gear in their networks. 

A recent executive order focusing on the cybersecurity of US ports highlighted the risks associated with the use of Chinese cranes, with other initiatives targeting energy-storage batteries, and cars made in China.  

Despite these efforts, Forescout’s analysis found that the number of China-made devices in US networks has increased by more than 40% in the past year, from 185,000 in February 2023 to nearly 300,000 in February 2024. The 300,000 devices came from 473 different manufacturers.

This represents close to 4% of the total number of 7.5 million US-located devices currently in Forescout’s repository of connected enterprise devices, which includes data on 19 million IT, IoT, OT and IoMT (medical) products from its customers’ networks. 

Roughly 88% of the Chinese-manufactured devices located in the United States are IT products, followed by IoT (9%), OT (2%) and IoMT (1%). A vast majority of devices are computers, followed at a distance by mobile devices, and surveillance products. The most widely encountered manufacturer is Lenovo, followed by Hikvision. 

Forescout warned that critical infrastructure sectors such as healthcare, manufacturing and government are the most impacted. In the case of the government, the most commonly found Chinese devices are surveillance cameras made by Honeywell Security China and VoIP phones from Yealink. 

A Shodan search showed hundreds of thousands of devices from the most popular Chinese manufacturers are directly connected to the internet, which could expose them to remote attacks. 

As for other countries, Forescout saw an increase from 10,000 China-made devices to 20,000 in the UK over the past year. An increase of 37% was seen in Australia and an increase of 67% was observed in Singapore. A drop of 14% has been seen in Canada, and a drop of 25% was seen in Germany over the past year. 

Advertisement. Scroll to continue reading.

The main concern associated with the use of Chinese products is that the Chinese government could leverage them for espionage or to cause disruption, possibly through the use of intentionally planted backdoors.

“Organizations must pay attention to every asset on their network, be it IT, IoT, IoMT or OT, because they all can present cyber risks. Devices that carry additional risk due to where they were manufactured must be inspected even more closely,” Forescout cautioned.

Related: Canada Bans WeChat and Kaspersky on Government Phones

Related: Australian Defense Department to Remove Chinese-Made Cameras

Related: CISA Warns of Hikvision Camera Flaw as US Aims to Rid Chinese Gear From Networks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

More People On The Move

Expert Insights

Related Content

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.

IoT Security

An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars.

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or...

ICS/OT

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...