According to an explosive report from Bloomberg Businessweek, Chinese Spies Hacked the supply chain of servers used by nearly 30 US companies, including government contractors, Apple and Amazon.
The operation is probably the most ambitious example of hardware hacking a national government has ever publicly reported. The armed forces of China are reported to be forcing Chinese producers to insert microchips in servers developed in US. The chips were “not much bigger than a grain of rice,” Bloomberg reports. Chips were capable of undermining the hardware on which they are installed. These chips were pumping data and allowing new code like a Trojan horse.
According to Bloomberg, Apple and Amazon discovered the hack through internal investigations and reported it to US authorities. The publication says that there is no direct evidence that companies or users data were stolen or tampered with. Still, both firms worked quietly to remove compromised servers from their infrastructure.
Both Amazon and Apple strongly refute this story. Amazon says “it is not true that it knew about servers containing malicious chips or modifications to data centers based in China, or that it worked with the FBI to investigate or provide data on malicious hardware.” Apple is equally adamant in saying Bloomberg ” On this, we can be very clear about this: Apple has never found malicious chips, hardware manipulation or vulnerabilities intentionally installed on any server.”
THERE IS NO INFORMATION ON HOW THE COVERT CHIPS MIGHT HAVE BEEN USED
The attack was reportedly carried out through the American company Super Micro Computer Inc, commonly known as Supermicro. The firm is one of the world’s largest suppliers of server motherboards, and contracts out manufacturing to factories in China.
Supermicro motherboards are used worldwide for specialized products such as MRI machines and weapons systems. The company produces servers for hundreds of customers, including Elemental Technologies, a startup specializing in video compression that was acquired by Amazon in 2015.
IT’S LIKE ATTACKING THE WHOLE WORLD.
“Think of Supermicro as Microsoft in the hardware world,” a former U.S. intelligence officer told Bloomberg. “Attacking Supermicro motherboards is like attacking Windows. It’s like attacking the world.”
According to Bloomberg, it was Elemental (via Supermicro), which was a major target for the Chinese military. Servers Elemental “can be found in the data centers of the Ministry of defense, the CIA’s drone operations, and military airborne networks of the Navy”, – says the publication, thousands more are used by Apple and Amazon. In total, almost 30 American companies, including government contractors and one large Bank, were affected by the attack.
Parts of Bloomberg’s history have been previously reported. Apple severed its relationship with Supermicro in 2016, but the iPhone manufacturer said it was due to an unrelated and minor security incident. Amazon was reportedly distancing itself from the compromised Supermicro servers, selling its Chinese infrastructure to a competitor for unknown reasons at the time.
Reports by Bloomberg
In a statement to Bloomberg, Amazon acknowledged that it had discovered “vulnerabilities” in Supermicro products. But said they were related to software, not hardware. Facebook, Another potential customer, has also discovered issues with Supermicro products, identifying malware in the company’s software, and removing servers from its data centers.
Bloomberg reports have not been confirmed by official sources from the US intelligence community. FBI and the Office of Director of national intelligence, representing CIA and the NSA, declined to comment on the story. However, it is well known that such hardware sabotage is a big prize for the intelligence units of the country — the NSA itself was caught carrying out such operations. They promise huge rewards in terms of stolen information, but leave physical traces, unlike software hacks.
As with other major hacks and security failures, consequences of the operation, as Bloomberg reports, will be difficult to judge. According to the newspaper, the investigation of the US intelligence community is still ongoing, three years after its opening.