Most agencies reviewed by the Government Accountability Office (GAO) found little or no telecommunications equipment tied to Chinese companies on their networks, but the watchdog warned that limited supply chain visibility continues to complicate efforts to detect risky devices.
In a report released on May 19, GAO said it examined how six federal departments are implementing a 2018 law that bars agencies from procuring telecommunications and video surveillance equipment produced by certain Chinese-linked companies. These companies include Huawei Technologies and ZTE, among others.
The review found that the departments of Homeland Security, Justice, State, and Treasury reported finding “no covered equipment connected to their IT networks.”
The Defense and Energy departments, meanwhile, identified small amounts of covered equipment during recent searches and said they are taking steps to mitigate risks and remove the devices.
For example, Defense Department officials identified three instances of covered equipment connected to agency networks. According to the report, those devices “have been blocked from external access” while the department works to remove them.
GAO said the findings come as the federal government faces intensifying cybersecurity threats tied to China. Citing the Office of the Director of National Intelligence’s 2026 Annual Threat Assessment, the GAO report said the People’s Republic of China “continues to pose the most active and persistent cyber threat to the U.S. government.”
While agencies have ramped up searches for prohibited technology since 2019, GAO found there is no single government-wide method for identifying the equipment. Agencies reported using a mix of IT hardware inventory searches, network scans, procurement record reviews, and physical inspections.
Each approach has limitations, according to the watchdog. GAO noted that network scans may not capture classified systems or every segment of an agency’s infrastructure, potentially leaving gaps in visibility. The report also said agencies varied in how extensively they searched for covered devices.
Officials interviewed by GAO said one of the biggest obstacles is understanding the origins of technology components buried deep within global supply chains. The report said agencies have “limited visibility into product supply chains” in part because some manufacturers are unwilling to share proprietary sourcing information.
“Some officials said the lack of comprehensive, authoritative information on companies’ subsidiaries and affiliates also posed a challenge,” the report says. “However, officials noted that such information would be accurate only at the time it was developed, because companies may change their names or acquire or divest subsidiaries and affiliates.”
Although GAO found that selected agencies have taken steps to address risks associated with covered telecommunications equipment, the watchdog said identifying prohibited technology across federal systems and supply chains remains an ongoing challenge.
GAO did not make any recommendations in the report. It is sending copies of the findings to the appropriate congressional committees.