Beijing tells Chinese firms to stop using US and Israeli cybersecurity software, sources say

Chinese authorities have told domestic companies to stop using cybersecurity software made by more than a dozen firms from the US and Israel due to national security concerns, three people briefed on the matter said.

As trade and diplomatic tensions flare between China and the US and both sides vie for tech supremacy, Beijing has been keen to replace Western-made technology with domestic alternatives.

The US companies whose cybersecurity software has been banned include Broadcom-owned VMware, Palo Alto Networks and Fortinet, while the Israeli companies include Check Point Software Technologies, two of the sources said.

The third source said other companies whose software was banned included Alphabet-owned Mandiant and Wiz, whose purchase Alphabet announced last year, as well as US firms CrowdStrike, SentinelOne, Recorded Future, McAfee, Claroty, and Rapid7.

Israeli firm CyberArk, whose purchase was announced by Palo Alto last year, was also on the list, as were Orca Security and Cato Networks, two Israeli firms, and Imperva, which was purchased by French defense firm Thales in 2023.

Shares slide following software ban

Recorded Future said in an email that it did no business in China and had no intention of doing so. McAfee said it is a consumer-focused company whose technology “is not built for government or enterprise use.”

CrowdStrike said it did not sell into China and did not have offices, hire people, or host infrastructure there, and thus could “only be negligibly affected.” SentinelOne said it had “no direct revenue exposure to China,” citing similar reasons.

Claroty said it did not sell to China. In a statement, Orca Security CEO Gil Geron said his company had not been notified of the move. Geron added that his company was focused on defense and that a ban “would be a step in the wrong direction.”

The other blacklisted companies did not respond to Reuters’ requests for comment.

Shares of Broadcom fell more than 4% in trading on Wednesday, January 14, while Palo Alto’s share price stayed virtually flat. Check Point’s shares closed up slightly. Fortinet shares fell more than 2%. Rapid7 shares fell more than 1%.

Reuters was unable to establish how many Chinese companies received the notice that the sources said was issued in recent days.

Chinese authorities expressed concern the software could collect and transmit confidential information abroad, the sources said. They declined to be named due to the sensitivity of the situation.

China’s internet regulator, the Cyberspace Administration of China, and the Ministry of Industry and Information Technology had not responded to requests for comment at the time of publication.

Preparations under way for Trump visit

The United States and China, which have been locked in an uneasy trade truce, are preparing for a visit by US President Donald Trump to Beijing in April.

While the West and China have clashed over China’s efforts to build up its semiconductor and artificial intelligence sectors, Chinese analysts have said Beijing has become increasingly concerned that any Western equipment could be hacked by foreign powers.

It has therefore sought to replace Western computer equipment and word processing software.

The country’s largest cybersecurity providers include 360 Security Technology and Neusoft.

Some of the US and Israeli companies facing a ban for their part have repeatedly alleged Chinese hacking operations, which China has denied.

Last month, Check Point published a report on an allegedly Chinese-linked hacking operation against an unidentified “European government office.” In September, Palo Alto published a report alleging a Chinese hacking effort targeted diplomats worldwide.

Significant Chinese footprint

Several of the firms do not conduct business with Chinese clients, but others have built a significant footprint in China.

Fortinet has three offices in mainland China and one in Hong Kong, according to its website. Check Point’s website lists support addresses in Shanghai and Hong Kong. Broadcom lists six China locations, while Palo Alto lists five local offices in China, including one in Macau.

The politics around foreign cybersecurity vendors has long been fraught. Such firms are often staffed with intelligence veterans, they typically work closely with their respective national defense establishments, and their software products have sweeping access to corporate networks and individual devices – all of which at least theoretically provides a springboard for spying or sabotage.

Suspicions about the origin and motive of Russian anti-virus firm Kaspersky, for example, eventually led to a purge of the software from US government networks in 2017. In 2024, sales of Kaspersky products were banned across the United States. – Rappler.com