In what could be the most important national security story of the decade, a new report alleges that China has been installing tiny microchips, roughly the size of a grain of rice, on the motherboards of countless servers imported into the U.S.
The revelations come from a new report by Bloomberg, which states that the clandestine microchips were first found by Amazon in 2015, which in turn reportedly alerted America’s intelligence agencies.
Amazon Web Services (AWS), which has a contract with the CIA, was investigating a company called Elemental Technologies for a potential acquisition when it allegedly uncovered the microchips. Elemental’s products, along with that of a company called Supermicro, are used by everyone from the U.S. Navy to the CIA.
“Think of Supermicro as the Microsoft of the hardware world,” a former U.S. intelligence official told Bloomberg. “Attacking Supermicro motherboards is like attacking Windows. It’s like attacking the whole world.”
The idea that China has been installing mini-spies into American electronics has long been a fear of the American intelligence community, as the U.S.’s New Cold War adversary produces most of the gadgets used in the west. China manufactures as much as 75 percent of the world’s smartphones and perhaps as much as 90 percent of the world’s personal computers, according to the report.
From Bloomberg Businessweek:
“The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.”
The exploit reportedly hit nearly 30 American businesses, including Apple, “a major bank,” and a host of government contractors. The investigation into the massive security breach reportedly remains open to this day.
Apple, for its part, has denied Bloomberg’s reporting, issuing a new statement to CNBC this morning:
“We are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.”
Amazon also challenged Bloomberg’s report, saying, “It’s untrue that AWS knew about a supply chain compromise, an issue with malicious chips, or hardware modifications when acquiring Elemental.”
How could these microchips have hidden in plain sight? By looking like something else entirely.
Again, from Bloomberg:
“The chips on Elemental servers were designed to be as inconspicuous as possible, according to one person who saw a detailed report prepared for Amazon by its third-party security contractor, as well as a second person who saw digital photos and X-ray images of the chips incorporated into a later report prepared by Amazon’s security team. Gray or off-white in color, they looked more like signal conditioning couplers, another common motherboard component, than microchips, and so they were unlikely to be detectable without specialized equipment. Depending on the board model, the chips varied slightly in size, suggesting that the attackers had supplied different factories with different batches.”
There have been growing tensions between China and its New Cold War foes like the United States, Australia, and Germany. Best Buy has stopped selling Huawei devices over fears about the safety of those products and China has been shut out of bidding on lucrative 5G contracts in the United States. The U.S. government even claims that China is using LinkedIn to recruit Americans for spying.
In an email to Gizmodo for this story, Apple pointed us to the denial it provided Bloomberg. Likewise, Amazon reiterated its earlier comment:
“As we shared with Bloomberg BusinessWeek multiple times over the last couple months, at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems.”
- Apple knows the days of record iPhone sales are over, and wants you to stop obsessing over how many it now sells
- Amazon warehouses receive only vital supplies in US, Europe amid coronavirus
- RPT-UPDATE 4-Amazon warehouses receive only vital supplies in U.S., Europe amid coronavirus
- Amazon warehouses receive only vital supplies in U.S., Europe amid coronavirus
- 'Get a grip and test': Oxford University lecturer who was DENIED a coronavirus swab after being rushed to hospital with breathing difficulties slams Boris Johnson for failing to provide more tests
- Is China’s gaokao the world’s toughest school exam?
- Elon Musk Says About 1,200 Ventilators for Coronavirus Patients Ready This Week as Tesla, Facebook and Apple Donate Face Masks
- Android 11 will make sure nobody can spy on you through your camera or microphone
- Elon Musk Delivers 1,255 Ventilators to California After Buying 'Oversupply' From China
- Alexa and other smart speakers may endanger privacy rights
- Business Fallout: Airlines fear failure, delivery in demand
- How-To: Sync music and videos from your computer (aka iTunes)
Apple, Amazon Deny China Installed Tiny Spy Microchips on Their Servers, but We're Still Freaked Out have 858 words, post on gizmodo.com at October 4, 2018. This is cached page on VietNam Breaking News. If you want remove this page, please contact us.