Concerns are growing about the proliferation of Chinese-manufactured devices across critical sectors in the United States, due to potential cybersecurity vulnerabilities and the risk of espionage. Research by Forescout has highlighted an alarming increase in the presence of these devices, with nearly 300,000 from 473 Chinese manufacturers now comprising 3.8% of all devices in US networks. This represents a 41% increase year-over-year. The issue extends beyond the U.S., with similar increases noted in the UK and Canada, indicating a global challenge as Chinese devices continue to infiltrate enterprise networks.
The vulnerabilities stem from potential backdoors and supply chain risks associated with these devices, which are often integrated into vital infrastructure. These concerns are compounded by the devices’ widespread use in sectors such as healthcare, manufacturing, and government—areas where the integrity of data and systems is paramount. In the U.S. alone, the manufacturing sector saw more than a doubling of Chinese devices, healthcare grew by 47%, and government by 30%, significantly elevating the risks of espionage and operational disruption.
Globally, the distribution of Chinese devices is also on the rise. In the UK, the number of such devices has doubled to 20,000, while in Canada, the percentage of Chinese devices in the education sector ranged from 2.1% to 9.5%. This widespread distribution is troubling given the strategic importance of the sectors these devices serve, particularly in technology and education, where sensitive data is frequently processed and stored.
This situation is further complicated by the origin of many of these devices. While some are from well-known brands, others are manufactured by lesser-known Original Design Manufacturers (ODMs) based in Taiwan but operating factories in China. These devices are registered under Chinese OUIs and are counted in the assessments of Chinese-manufactured equipment, contributing to the significant numbers reported. The expanding footprint of Chinese-manufactured devices, especially in critical infrastructure, underscores the pressing need for rigorous cybersecurity measures and oversight to mitigate potential threats.
