Did China hardware-hack Supermicro servers used by Apple and Amazon?

Share

Bloomberg's report cites multiple sources from both companies, as well as national security officials who were informed of the chips' existence. We stand by our story and are confident in our reporting and sources.

The chips were reportedly developed by a specialised computer hardware attack unit in the People's Liberation Army, and gave hackers unfettered access to anything the server did, allowing them to potentially manipulate the server to steal data, contact other servers and alter operations. Not part of the motherboards' original design, the malicious chips are believed to have been implanted at factories run by Chinese manufacturing subcontractors and created to offer "long-term access to high-value corporate secrets and sensitive government networks".

Super Micro Computer shares fell 47 per cent to $US11.20 in Pink Sheet trading. A follow-up investigation was then conducted, which reportedly remains open to this day.

The Bloomberg report was based on reports from 17 unnamed people, including three "Apple insiders", six current and former USA national security officials, two people inside Amazon Web Services, and six unidentified sources. "We are not aware of any investigation by the FBI, nor are our contacts in law enforcement".

Queues for Theresa May speech are bigger than Boris Johnson's
When Mr Jones claimed that most people in the Province disagree with her views, Mrs Foster said: "That could well be the case". Just a day before, Boris Johnson's jokes contained references suggesting she should be prosecuted under ancient statutes.

And Supermicro wasn't just supplying boards to Elemental; it was manufacturing for hundreds of other customers.

The company also noted that it does not design or manufacture networking chips and associated software used in its hardware, saying it procured them from leading networking companies.

Bloomberg reported that Amazon Web Services uncovered the malicious chips in 2015 when examining servers manufactured by a company known as Elemental Technologies, which AWS eventually acquired.

If these spy chip allegations really did happen, why would Apple and Amazon deny it?

Amazon adds 4K streaming to the Fire TV Stick
On Wednesday, the e-commerce giant introduced its most powerful streaming stick to date and an all-new Alexa Voice remote . Today, Amazon announced the Fire TV Stick 4K along with a new Alexa Voice Remote .

"One official says investigators found that it eventually affected nearly 30 companies, including a major bank, government contractors, and the world's most valuable company, Apple", write Jordan Robertson and Michael Riley.

Amazon responded that "at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in Super Micro motherboards in any Elemental or Amazon systems". It's also untrue that AWS knew about servers containing malicious chips or modifications in data centers based in China, or that AWS worked with the FBI to investigate or provide data about malicious hardware.

If this report is true, why would Amazon and Apple deny it?

"It's untrue that AWS knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental", Amazon said in a statement to Bloomberg. S. government agencies and private companies via so-called "supply chain attacks", particularly from China where many global tech firms outsource their manufacturing.

'Wouldn't Bother Me' If FBI Talked With All Kavanaugh Accusers
Kavanaugh and Ford appeared before the Senate Judiciary Committee last week, where they answered questions about the allegations. The FBI thus far apparently has failed to approach a third accuser, Julie Swetnick , whose allegations are the most extreme.

The warning came after experts with two prominent USA cybersecurity companies warned this week that Chinese hacking activity has surged amid the escalating trade war between Washington and Beijing.

Share