A new report has revealed that encrypted Chinese chips are being used by multiple U.S. government agencies as well as NATO and the U.K. military.
A new report from Wired has revealed these encrypted chips were supplied by Hualan Microelectronics and were used to store confidential information related to the agency's responsibilities. Notably, the report states that in 2021 the U.S. added Hualan to its "Entity List" written by the Commerce Department's Bureau of Industry and Security (BIS), which states Hualan has been sanctioned for "acquiring and attempting to acquire US-origin items in support of military modernization for [China's] People's Liberation Army."
The new report states that U.S. governmental agencies such as the Federal Aviation Administration (FAA), the U.S. Navy, and the Drug Enforcement Administration (DEA) all purchased these potentially compromised chips. Security researchers have warned that these Chinese-supplied chips may have a hidden backdoor that enables China's government to access the encrypted data on each of the microchips, which, if true, essentially makes them all compromised.
So, how did this happen? Reports indicate that the chips were actually sourced from Initio, a subsidiary of Hualan, that isn't featured on the Entity List.
"If a company is on the Entity List with a specific warning like this one, it's because the U.S. government says this company is actively supporting another country's military development," said Dakota Cary, a China-focused research fellow at the Atlantic Council, a Washington, DC-based think tank, in an interview with Wired.
"It's saying you should not be purchasing from them, not just because the money you're spending is going to a company that will use those proceeds in the furtherance of another country's military objectives, but because you can't trust the product," added Cary.