Apple, Amazon deny report on Chinese hardware attack

Joanna Estrada
October 4, 2018

The servers apparently made their way into everything from Defense Department data centers and Central Intelligence Agency drone operations to companies such Apple, insiders from which told the publication that malicious chips were found on Supermicro motherboards in 2015-the same year when Amazon's retained security experts found them.

In addition to the three Apple insiders, four of the six USA officials confirmed that Apple was a victim. Companies including component manufacturers Huawei and ZTE, as well as surveillance camera-maker Hikvision, have all fallen under intense suspicion and scrutiny from the US government in the past year. This person spoke on the condition of anonymity to discuss matters not approved for public release. The majority of electronic components used in USA technology are manufactured in China.

The U.S. and China are locked in a bitter and escalating trade war, in which hundreds of billions of U.S. and Chinese products are under tariff.

Introducing spy chips into the supply chain would be a significant feat.

USA officials long have anxious about the potential for altered microchips or other components to be secretly inserted into products and shipped to the United States and elsewhere, opening doors to long-term spying on computer users and their information networks. This microchip provided the hacker with a secret doorway into any network the server was connected to.

The report in Bloomberg says that Chinese state spies inserted microchip the size of rice grain into motherboard manufactured in Chinese factories for a company called Super Micro. The company is American but the motherboards were assembled mainly in China.

It said dozens of large United States firms and agencies were using the hardware - but Amazon first discovered the chips, the size of a grain of rice, during a security review it ordered after buying a software firm called Elemental three years ago. The report states that USA investigators found that the tiny microchip was inserted during the manufacturing process by the People's Liberation Army. Bloomberg's piece is titled "The Big Hack" for a good reason, as it involves microchips planted in servers destined for big U.S. companies, which stealthily hooked to the networks their carrier hardware was hooked to.

Apple said it had refuted "virtually every aspect" of the story in on-record responses to Bloomberg. Apple never had any contact with the Federal Bureau of Investigation or any other agency about such an incident.

Supermicro rep Perry Hayes wrote: "We remain unaware of any such investigation".

Supermicro says that "we are not aware of any investigation regarding this topic nor have we been contacted by any government agency in this regard".

Other reports by Click Lancashire

Discuss This Article