Lenovo busted for secretly paying cybersecurity "influencers" to promote ThinkShield

"Lenovo."

"Cybersecurity."

If someone asked you what the next word that comes to mind is, it would probably be "Superfish" — Lenovo's highly public snafu involving pre-installed adware. Naturally, the Chinese OEM's marketing department would rather that their cybersecurity solution "ThinkShield" come to your mind instead, and it seems they aren't content to let their software speak for itself.

Security editor for TechCrunch, Zack Whittaker, revealed the PR shenanigans on his Twitter account yesterday:

ThinkShield was launched in September of 2018 with the aim of marketing complete, "360-degree" corporate security solutions, but Lenovo likely faces an uphill battle in getting companies to fully embrace such a solution by a Chinese manufacturer. While Lenovo has not been the center of so much controversy and suspicion as Huawei has, the current geopolitical climate and conditions within China under Xi Jinping probably do little to encourage American businesses to embrace cybersecurity solutions offered by Chinese companies. A declassified Department of Defense (DoD) report from 2019 cites Lenovo by name among other commercially available systems with known vulnerabilities, specifically highlighting the lack of DoD controls currently in place to ensure secure operation of the off-the-shelf systems.

Other names in cybersecurity chimed in the tweet-thread to confirm that Lenovo was specifically looking for paid tweets to promote ThinkShield under the guise of an evaluation while not disclosing publicly it was paid promotion. Lenovo has yet to respond publicly.

As Whittaker suggested, in a business as important as cybersecurity, perhaps it's better to focus on creating the best product possible rather than trying to pay cybersecurity influencers to promote it.